-
Enhancement
-
Resolution: Fixed
-
P5
-
11, 17
-
b07
Issue | Fix Version | Assignee | Priority | Status | Resolution | Resolved In Build |
---|---|---|---|---|---|---|
JDK-8267325 | 16u-cpu | Paul Hohensee | P5 | Resolved | Fixed | master |
JDK-8267195 | 16.0.2 | Paul Hohensee | P5 | Resolved | Fixed | b05 |
JDK-8262932 | 13.0.7 | Ekaterina Vergizova | P5 | Resolved | Fixed | b03 |
JDK-8260595 | 11.0.12-oracle | Dukebot | P5 | Resolved | Fixed | b01 |
JDK-8260552 | 11.0.11 | Igor Ignatyev | P5 | Resolved | Fixed | b01 |
LogCompilation uses a maven pom.xml file and it lists junit 4.8.2 as a dependency. That version contains a known vulnerability.
Github advisory:
https://github.com/junit-team/junit4/security/advisories/GHSA-269g-pwp5-87pp
Several mirrors and downstream repos of OpenJDK are getting flagged because of this.
- backported by
-
JDK-8260552 Update LogCompilation junit to 4.13.1
-
- Resolved
-
-
JDK-8260595 Update LogCompilation junit to 4.13.1
-
- Resolved
-
-
JDK-8262932 Update LogCompilation junit to 4.13.1
-
- Resolved
-
-
JDK-8267195 Update LogCompilation junit to 4.13.1
-
- Resolved
-
-
JDK-8267325 Update LogCompilation junit to 4.13.1
-
- Resolved
-
- links to
-
Commit openjdk/jdk13u-dev/335890fc
-
Commit openjdk/jdk16u/860ca3fd
-
Commit openjdk/jdk/ef247ab2
-
Review openjdk/jdk13u-dev/135
-
Review openjdk/jdk16u/116
-
Review openjdk/jdk/2199