UNCLASSIFIED - NO CUI

Skip to content

Server update 20210105

Marc Williams requested to merge server-update-20210105 into development

Resolved jetty vulnerability. Want merge to dev so can get justifications spreadsheet to fill out for re-approval. Will still have open cxf-3.3.6 CVE-2020-13954, but will mitigate it by suppressing the /services page until we can resolve server breakage issues from upgrading to cxf-3.3.8 or higher. Our intent is to upgrade cxf, but we'll need a bit more time to do that and fix breakage in the server. #2 (closed)

Merge request reports

Loading