[FOLIO-2640] Fix 'okapi-debian' security vulnerability reported in log4j >= 1.2, <= 1.2.27 Created: 09/Jun/20 Updated: 09/Jun/20 |
|
| Status: | Open |
| Project: | FOLIO |
| Components: | None |
| Affects versions: | None |
| Fix versions: | None |
| Type: | Task | Priority: | TBD |
| Reporter: | Peter Murray | Assignee: | Unassigned |
| Resolution: | Unresolved | Votes: | 0 |
| Labels: | None | ||
| Remaining Estimate: | Not Specified | ||
| Time Spent: | Not Specified | ||
| Original estimate: | Not Specified | ||
| Issue links: |
|
||||||||
| Sprint: | |||||||||
| Description |
|
Is https://github.com/folio-org/okapi-debian still relevant? There haven't been substantial commits in a while. Can we retire this repo? |
| Comments |
| Comment by Peter Murray [ 09/Jun/20 ] |
|
John Malconian: It looks like you have been the only one that has committed to this repo. Would it be okay if we archive this repo? |
| Comment by John Malconian [ 09/Jun/20 ] |
|
This repo is not updated often, but we still need it for Okapi Debian packages. I'm hoping we can stop supporting Okapi debian packages soon, but, for now, we still need it (for testing purposes). |
| Comment by Peter Murray [ 09/Jun/20 ] |
|
Okay, thanks. Can you update the log4j dependencies in a few places in that repo?
|