Uploaded image for project: 'JDK'
  1. JDK
  2. JDK-8260308

Update LogCompilation junit to 4.13.1

    XMLWordPrintable

    Details

    • Subcomponent:
    • Resolved In Build:
      b07

      Backports

        Description

        Open on behalf of Dan Lutker <lutkerd@amazon.com>

        LogCompilation uses a maven pom.xml file and it lists junit 4.8.2 as a dependency. That version contains a known vulnerability.

        Github advisory:
        https://github.com/junit-team/junit4/security/advisories/GHSA-269g-pwp5-87pp

        Several mirrors and downstream repos of OpenJDK are getting flagged because of this.

          Attachments

            Issue Links

              Activity

                People

                Assignee:
                alvdavi David Alvarez
                Reporter:
                alvdavi David Alvarez
                Votes:
                0 Vote for this issue
                Watchers:
                5 Start watching this issue

                  Dates

                  Created:
                  Updated:
                  Resolved: