Update to eclipse 20211110 and openjdk11 (!27) · Merge requests · Iron Bank Containers / F18 Navy

Arlette Molina requested to merge update_eclipse_20211110_openjdk11 into development Feb 01, 2022

Pipeline #670283: Container image has been updated and scans with 2 uninherited vulnerabilities. Back in October 2021, @sean.melissari justified vulnerability CVE-2011-5034 a False Positive: "I would consider the hit on CVE-2011-5034 a false positive since it is for the app server itself. 1.1.1 is the latest version of the geronimo-jta which is what javax.transaction is using.

If this justification is enough, Please merge branch update_eclipse_20211110_openjdk11 to development (and thence to master at your pleasure) so that we can get an "official" rebuild and rescan. Thanks!

osee-hsql_1.0.0.v20211110c-670283-justifications.xlsx #13 (closed)

Edited Feb 08, 2022 by Marc Williams

Admin message

Update to eclipse 20211110 and openjdk11

Merge request reports