  1. SonarQube
  2. SONAR-13155

Fix potential vulnerabilities and bugs by upgrading dependencies

    Details

    • Type: Improvement
    • Status: Closed
    • Priority: Major
    • Resolution: Fixed
    • Affects Version/s: None
    • Fix Version/s: 8.3
    • Component/s: None
    • Labels:
      None
    • Edition:
      Community
    • Production Notes:
      None

      Description

      The bundled dependencies may be impacted by vulnerabilities and bugs. An obvious example is Apache Tomcat, which is bundled in SonarQube 8.2 at version 8.5.41, whereas the latest patch is 8.5.51 (see release notes).

      Patches on these dependencies should be applied when possible, if they don't introduce regressions. Depending on the context, upgrading to a new major version can also make sense.

              People

              Assignee:
              simon.brandhof Simon Brandhof (Inactive)
              Reporter:
              simon.brandhof Simon Brandhof (Inactive)
