UNCLASSIFIED - NO CUI

Skip to content

Update to eclipse 20211110 and openjdk11

Arlette Molina requested to merge update_eclipse_20211110_openjdk11 into development

Pipeline #670283: Container image has been updated and scans with 2 uninherited vulnerabilities. Back in October 2021, @sean.melissari justified vulnerability CVE-2011-5034 a False Positive: "I would consider the hit on CVE-2011-5034 a false positive since it is for the app server itself. 1.1.1 is the latest version of the geronimo-jta which is what javax.transaction is using.

If this justification is enough, Please merge branch update_eclipse_20211110_openjdk11 to development (and thence to master at your pleasure) so that we can get an "official" rebuild and rescan. Thanks!

osee-hsql_1.0.0.v20211110c-670283-justifications.xlsx #13 (closed)

Edited by Marc Williams

Merge request reports

Loading