Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Upgrades to jsoup 1.9.1 to no longer be warned about CVE-2015-6748 #264

Merged
merged 1 commit into from
Aug 18, 2018
Merged

Conversation

dheid
Copy link
Contributor

@dheid dheid commented Aug 17, 2018

Hi! My OWASP dependency check complains about an old jsoup version, that has the vulnerability

https://nvd.nist.gov/vuln/detail/CVE-2015-6748#vulnCurrentDescriptionTitle

Please consider upgrading to 1.9.1. I ran all tests and it looked good.

@danfickle
Copy link
Owner

Hi @dheid,

Thanks a lot for this. I’m not sure anyone is using the jsoup module but we need to keep dependencies up to date regardless. I’ll merge now.

@danfickle danfickle merged commit aacff41 into danfickle:open-dev-v1 Aug 18, 2018
@dheid
Copy link
Contributor Author

dheid commented Aug 18, 2018

Thank you very much!

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

2 participants