[FOLIO-2640] Fix 'okapi-debian' security vulnerability reported in log4j >= 1.2, <= 1.2.27 Created: 09/Jun/20  Updated: 09/Jun/20

Status: Open
Project: FOLIO
Components: None
Affects versions: None
Fix versions: None

Type: Task Priority: TBD
Reporter: Peter Murray Assignee: Unassigned
Resolution: Unresolved Votes: 0
Labels: None
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original estimate: Not Specified

Issue links:
Relates
relates to OKAPI-801 Fix security vulnerability reported i... Closed
Sprint:

 Description   

Is https://github.com/folio-org/okapi-debian still relevant? There haven't been substantial commits in a while. Can we retire this repo?



 Comments   
Comment by Peter Murray [ 09/Jun/20 ]

John Malconian: It looks like you have been the only one that has committed to this repo. Would it be okay if we archive this repo?

Comment by John Malconian [ 09/Jun/20 ]

This repo is not updated often, but we still need it for Okapi Debian packages. I'm hoping we can stop supporting Okapi debian packages soon, but, for now, we still need it (for testing purposes).

Comment by Peter Murray [ 09/Jun/20 ]

Okay, thanks. Can you update the log4j dependencies in a few places in that repo?

  • okapi-test-module/pom.xml
  • okapi-common/pom.xml
  • okapi-core/pom.xml
  • okapi-test-auth-module/pom.xml
  • okapi-test-header-module/pom.xml
Generated at Thu Feb 08 23:22:09 UTC 2024 using Jira 1001.0.0-SNAPSHOT#100246-sha1:7a5c50119eb0633d306e14180817ddef5e80c75d.