Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

There is a vulnerability in Jena 3.9.0,upgrade recommended #1083

Open
QiAnXinCodeSafe opened this issue Jun 7, 2022 · 1 comment · May be fixed by #1418
Open

There is a vulnerability in Jena 3.9.0,upgrade recommended #1083

QiAnXinCodeSafe opened this issue Jun 7, 2022 · 1 comment · May be fixed by #1418
Assignees
@calumcalder

Comments

@QiAnXinCodeSafe
Copy link

https://github.com/google/data-transfer-project/blob/ef53a7e92ef77a3efe0bdc378262215d0fe7498d/extensions/data-transfer/portability-data-transfer-solid/build.gradle#L40

CVE-2022-28890 CVE-2021-39239 CVE-2021-33192

Recommended upgrade version:4.2.0
@lisad
Copy link
Member

lisad commented Nov 4, 2024

In lieu of upgrading this library, we're going to attempt removing it - the extension that is using the library is not operable and should not be live code that imports libraries that the rest of DTP doesn't need.

@calumcalder calumcalder linked a pull request Dec 19, 2024 that will close this issue
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@calumcalder calumcalder

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

fix: remove Solid adapter calumcalder/data-transfer-project
3 participants
@lisad @calumcalder @QiAnXinCodeSafe