Uploaded image for project: 'Apache Jena'
  1. Apache Jena
  2. JENA-2222

Dependency updates for jena-geosparql and jena-fuseki-geosparql

    XMLWordPrintableJSON

Details

    • Task
    • Status: Closed
    • Critical
    • Resolution: Fixed
    • Jena 4.3.2
    • Jena 4.4.0
    • GeoSPARQL
    • None

    Description

      Found by running

      mvn org.sonatype.ossindex.maven:ossindex-maven-plugin:audit -fn -f pom.xml

      jdom:jdom2 and commons-beanutils:commons-beanutils are dependencies and need updates.

      jdom:jdom2 : CVE-2021-33813 : 2.0.6 -> 2.0.6.1
      beanutils: CVE-2019-10086 :1.9.3->1.9.4

      Also:

      Ideally, the version of all dependencies should be controlled in the Jena top POM.

      Attachments

        Issue Links

          links to

          Web Link GitHub Pull Request #1135

          Activity

            People

              andy Andy Seaborne
              andy Andy Seaborne
              Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: