UNCLASSIFIED - NO CUI

Skip to content

Server update 20210105

Marc Williams requested to merge server-update-20210105 into development

Pull in updated osee server binary to resolve jetty vulnerability. cxf-3.3.6 vulnerability still present, but will mitigate by suppressing the /services page until we can accomplish planned cxf-3.3.6 upgrade to fixed version (3.3.8 or higher) and resolve issues that upgrade causes in the server. Want to merge to dev to get justifications spreadsheet to fill out and submit for approval (with mitigation). #2 (closed)

Merge request reports