Fix for CVE-2021-22134 in 7.10.X version

Hello, do exist any plans to create a security patch for CVE-2021-22134 NVD - CVE-2021-22134 in 7.10.x version, if yes then when?
Thanks

It went into version 7.12 so you need to upgrade to that version. Older minor versions are no longer receiving patches.

1 Like

Thanks for your response. So there no chance to have a fix in the version on a pure Apache 2.0 license?

The vulnerability applies to the security code which is not part of the oss distribution.

As the oss distribution does not come with any security you probably need to look for vulnerabilities related to what you use to secure it.

6 Likes