Uploaded image for project: 'Sling'
  1. Sling
  2. SLING-3262

Upgrade embedded jackrabbit-jcr-server version in o.a.s.jcr.webdav

    XMLWordPrintableJSON

Details

    Description

      The WebDAV functionality in Jackrabbit has improved since the 2.4.4 version currently included in the o.a.s.jcr.webdav bundle. Most notably JCR-3630 fixes an XSS issue that is still present in 2.4.4.

      It would thus be a good idea to upgrade the jackrabbit-jcr-server dependency to 2.4.5 (to get the JCR-3630 fix) or to 2.6.4 (for JCR-3630 and other fixes/improvements).

      Attachments

        Issue Links

          is related to

          Bug - A problem which impairs or prevents the functions of the product. JCR-3630 XSS in DirListingExportHandler

          • Major - Major loss of function.
          • Closed

          Activity

            People

              fmeschbe Felix Meschberger
              jukkaz Jukka Zitting
              Votes:
              0 Vote for this issue
              Watchers:
              3 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: