Fix for CVE-2021-22134 in 7.10.X version

Ruslan_Kovpey · April 6, 2021, 2:15pm

Hello, do exist any plans to create a security patch for CVE-2021-22134 NVD - CVE-2021-22134 in 7.10.x version, if yes then when?
Thanks

Christian_Dahlqvist · April 6, 2021, 2:38pm

It went into version 7.12 so you need to upgrade to that version. Older minor versions are no longer receiving patches.

Ruslan_Kovpey · April 6, 2021, 2:42pm

Thanks for your response. So there no chance to have a fix in the version on a pure Apache 2.0 license?

Christian_Dahlqvist · April 6, 2021, 2:53pm

The vulnerability applies to the security code which is not part of the oss distribution.

As the oss distribution does not come with any security you probably need to look for vulnerabilities related to what you use to secure it.

system · May 4, 2021, 2:54pm

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.