Versions Compared

Old Version 37

changes.mady.by.user Jacques Le Roux

Saved on

compared with

New Version Current

changes.mady.by.user Jacques Le Roux

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Comment: Deprecated: no longer usable


Alert
titleDeprecated: no longer usable
typeWarning

Since OFBiz uses Gradle, all dependent libraries (ie also dependencies from the libraries OFBiz uses and recursively) are loaded by Gradle and analysed by the OWASP Dependency Check plugin. So it's materially impossible to check all the possible vulnerabilities.


Info
titleHistory

Please refer to history for information on released and older trunk versions. The links might fail though, since the OFBiz svn repo structure has changed while splitting frameworks from plugins.

...

  • at.bxm.svntools:at.bxm.svntools.gradle.plugin [2.2.1 -> 3.0]
  • com.lowagie:itext [2.1.7 -> 4.2.2]
  • org.apache.derby:derby [10.14.2.0 -> 10.15.2.0]
  • org.apache.sshd:sshd-core [1.7.0 -> 2.4.0]
  • org.apache.tomcat:tomcat-catalina-ha [9.0.34 -> 10.0.0-M3]
  • org.apache.tomcat:tomcat-jasper [9.0.34 -> 10.0.0-M3]
  • org.apache.tomcat.embed:tomcat-embed-websocket [9.0.34 -> 10.0.0-M3]
  • org.apache.xmlgraphics:fop [2.3 -> 2.4]
  • org.codehaus.groovy:groovy-all [2.5.8 -> 3.0.3]
  • org.jasig.cas:cas-server-core [3.3.5 -> 4.2.7]
  • org.apache.shiro:shiro-core [1.4.1 -> 1.5.3]

  • I tried to update Solr and Lucene to 8.7.0 but crossed issues (compilation and Eclipse classpath)

  • Same for Jersey with 3.0.0 version

Also be sure to check the main build.gradle. Some Java classes need internal versions update too:

...