[MODCITEM-16] Upgrade to folio-spring-base 7.2.2, bcprov-jdk18on:jar 1.73 Created: 27/Nov/23 Updated: 07/Dec/23 Resolved: 07/Dec/23 |
|
| Status: | Closed |
| Project: | mod-circulation-item |
| Components: | None |
| Affects versions: | None |
| Fix versions: | None |
| Type: | Bug | Priority: | P2 |
| Reporter: | Julian Ladisch | Assignee: | Julian Ladisch |
| Resolution: | Done | Votes: | 0 |
| Labels: | security, security-reviewed | ||
| Remaining Estimate: | Not Specified | ||
| Time Spent: | Not Specified | ||
| Original estimate: | Not Specified | ||
| Sprint: | |
| Development Team: | Volaris |
| Release: | Quesnelia (R1 2024) |
| RCA Group: | Related dependency upgrade |
| Description |
|
Upgrade folio-spring-base from 7.2.0 to 7.2.2. This indirectly upgrades bcprov-jdk15on@1.69 to bcprov-jdk18on:jar:1.73 fixing out of memory (OOM) denial of service (DoS): |
| Comments |
| Comment by Julian Ladisch [ 27/Nov/23 ] |
|
Pull request for code review: https://github.com/folio-org/mod-circulation-item/pull/14 |
| Comment by Julian Ladisch [ 27/Nov/23 ] |
|
The Volaris team needs to merge the pull request because I don't have write access for this repository. |