Uploaded image for project: 'Fuse Tooling'
  1. Fuse Tooling
  2. FUSETOOLS-3094

Reduce CVE issues in org.fusesource.ide bundles

XMLWordPrintable

    • Icon: Task Task
    • Resolution: Unresolved
    • Icon: Major Major
    • Backlog
    • None
    • None
    • None

      Some CVE issues exist in fuse bundles:

      unpacked/devstudio-12.9.0.AM2-v20180808-0721-B3149-updatesite-core/
      org.fusesource.ide.camel.model.service.impl.v2151redhat621216_11.1.0.v20180723-1842.jar/libs
      org.fusesource.ide.camel.model.service.impl.v2151redhat621216_11.1.0.v20180723-1842.jar/libs/camel-core-2.15.1.redhat-621216.jar/META-INF/maven/org.apache.camel/camel-core
      org.fusesource.ide.camel.model.service.impl.v2170redhat630347_11.1.0.v20180725-0619.jar/libs
      org.fusesource.ide.camel.model.service.impl.v2170redhat630347_11.1.0.v20180725-0619.jar/libs/camel-core-2.17.0.redhat-630347.jar/META-INF/maven/org.apache.camel/camel-core
      org.fusesource.ide.camel.model.service.impl.v2181redhat000021_11.1.0.v20180723-1842.jar/libs
      org.fusesource.ide.camel.model.service.impl.v2181redhat000021_11.1.0.v20180723-1842.jar/libs/camel-core-2.18.1.redhat-000021.jar/META-INF/maven/org.apache.camel/camel-core
      org.fusesource.ide.camel.model.service.impl.v2181redhat000021_11.1.0.v20180723-1842.jar/libs/camel-core-2.18.1.redhat-000021.jar/META-INF/maven/org.apache.camel/spi-annotations
      org.fusesource.ide.camel.model.service.impl.v2203_11.1.0.v20180723-1842.jar/libs
      org.fusesource.ide.camel.model.service.impl.v2210fuse000077redhat1_11.1.0.v20180723-1842.jar/libs
      org.fusesource.ide.camel.model.service.impl_11.1.0.v20180801-0947.jar/libs
      org.fusesource.ide.jmx.activemq_11.1.0.v20180723-1842.jar/libs
      org.fusesource.ide.wsdl2rest_11.1.0.v20180807-1302.jar/libs

      https://dev-platform-jenkins.rhev-ci-vms.eng.rdu2.redhat.com/view/Devstudio/view/jbosstools-releng/job/devstudio.cve.report-merged/lastBuild/dependency-check-jenkins-pluginResult/

      Verification: check if we have fewer CVEs after updating to newer version of fuse 11.1.x:

      https://dev-platform-jenkins.rhev-ci-vms.eng.rdu2.redhat.com/view/Devstudio/view/jbosstools-releng/job/devstudio.cve.report/lastBuild/dependency-check-jenkins-pluginResult/HIGH/ vs. #103
      https://dev-platform-jenkins.rhev-ci-vms.eng.rdu2.redhat.com/view/Devstudio/view/jbosstools-releng/job/devstudio.cve.report-merged/lastBuild/dependency-check-jenkins-pluginResult/HIGH/ vs. build #87

            Unassigned Unassigned
            nickboldt Nick Boldt
            Votes:
            0 Vote for this issue
            Watchers:
            1 Start watching this issue

              Created:
              Updated: