Details
-
Improvement
-
Status: Resolved
-
Minor
-
Resolution: Fixed
-
None
-
None
Description
Apache FtpServer 1.1.1 depends on a version of Apache MINA vulnerable to CVE-2019-0231, related to socket close handling for TLS communication. The FtpServer dependency should be upgraded to 1.2.0, which incorporates a new version of Apache MINA.
Attachments
Issue Links
- links to