Uploaded image for project: 'ZK'
  1. ZK
  2. ZK-3859

upgrade commons fileupload

    XMLWordPrintable

    Details

    • Type: New Feature
    • Status: Closed
    • Priority: Major
    • Resolution: Done
    • Affects Version/s: Freshly, 8.0.5, 8.5.0, 8.5.1
    • Fix Version/s: 8.5.1
    • Component/s: Components
    • Security Level: Jimmy
    • Labels:

      Description

      https://nvd.nist.gov/vuln/detail/CVE-2016-1000031
      https://issues.apache.org/jira/browse/FILEUPLOAD-279
      fixed in 1.3.3

      Workaround

      manually update the dependency to 1.3.3

      <dependency>
      	<groupId>commons-fileupload</groupId>
      	<artifactId>commons-fileupload</artifactId>
      	<version>1.3.3</version>
      </dependency>
      

        Attachments

          Activity

            People

            Assignee:
            rudyhuang rudyhuang
            Reporter:
            cor3000 cor3000
            Votes:
            0 Vote for this issue
            Watchers:
            2 Start watching this issue

              Dates

              Created:
              Updated:
              Resolved:

                Time Tracking

                Estimated:
                Original Estimate - 1 hour
                1h
                Remaining:
                Remaining Estimate - 0 minutes
                0m
                Logged:
                Time Spent - 1 hour
                1h