search

IBMStreams / streamsx.objectstorage

The com.ibm.streamsx.objectstorage toolkit supports Object Storage services with S3 API like IBM Cloud Object Storage service.
https://ibmstreams.github.io/streamsx.objectstorage
Other
4 stars 7 forks source link

Potential security vulnerability in junit.jar #224

Closed markheger closed 3 years ago

markheger commented 3 years ago

CVE-2020-15250

Solution: upgrade to 4.13.1

<dependency>
    <groupId>junit</groupId>
    <artifactId>junit</artifactId>
    <version>4.13.1</version>
</dependency>
markheger commented 3 years ago

The pom.xml used by JUnit test suite (https://github.com/IBMStreams/streamsx.objectstorage/blob/develop/test/java/com.ibm.streamsx.objectstorage.test/pom.xml) has already the junit 4.13.1 dependency.

For the toolkit release the junit.jar should be deleted in opt/downloaded directory