[FOLIO-3045] Replace http by https in http://maven.indexdata.com/ in pom.xml files Created: 01/Mar/21  Updated: 15/Dec/21  Resolved: 11/Jun/21

Status: Closed
Project: FOLIO
Components: None
Affects versions: None
Fix versions: None

Type: Bug Priority: P3
Reporter: Julian Ladisch Assignee: Unassigned
Resolution: Done Votes: 0
Labels: security, security-reviewed
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original estimate: Not Specified

Issue links:
Blocks
is blocked by FOLIO-3044 https for http://maven.indexdata.com/... Closed
Defines
defines UXPROD-2851 NFR: Data Import (Batch Importer for ... Closed
is defined by MODSOURMAN-628 Upgrade to RAML Module Builder 33.2.x Closed
is defined by MODSOURMAN-651 cql2pgjson, Vertx 4.2.2, JUnit 4.13.2 Closed
is defined by CIRC-1326 RMB 33.1.1, Vert.x 4.2.1, PubSub 2.4.... Closed
is defined by RMB-823 Update maven.indexdata.com url Closed
Relates
relates to FOLIO-3106 Update Index Data maven repo url Closed
relates to MODINV-430 Update dependencies to replace http b... Closed
Sprint: CP: Roadmap backlog
Development Team: Core: Platform

 Description   

Fix Machine-in-the-Middle (MITM) attack vulnerability, for details see FOLIO-3044 Closed .

Affected pom.xml files:
https://github.com/search?q=org%3Afolio-org+%22http%3A%2F%2Fmaven.indexdata.com%22&type=Code



 Comments   
Comment by Julian Ladisch [ 11/Jun/21 ]

All issues have been fixed except for two repositories that have been archived, are no longer used and thus don't need a fix:
https://github.com/folio-org/okapi-debian/blob/d7f6058f93f08d85e2681a86a44c9f60588eea9f/pom.xml#L136
https://github.com/folio-org/cql2pgjson-java/blob/c1eafb09a6550f8b315a6382d492044a5d5ba253/cql2pgjson/pom.xml#L31

Generated at Thu Feb 08 23:25:12 UTC 2024 using Jira 1001.0.0-SNAPSHOT#100246-sha1:7a5c50119eb0633d306e14180817ddef5e80c75d.