PrimeTek
When can v8.0.24 be expected? #85
-
|
Hi, due to CVE-2022-45688 in org.json/json which seem to be fixed in PF 8.0.24 (primefaces/primefaces#9752) I like to ask when this release can be expected. Thanks |
Beta Was this translation helpful? Give feedback.
Replies: 1 comment 1 reply
-
|
If I understand well what @melloware is saying it seems to be a false positive. Only few classes are being shaded in PF lib, XML is not one of them. But I guess there is no harm to cherry pick that commit in PRO/ELITE branches (if possible) Up to @mertsincan |
Beta Was this translation helpful? Give feedback.
-
|
@Rapster you have it correct. |
Beta Was this translation helpful? Give feedback.
If I understand well what @melloware is saying it seems to be a false positive. Only few classes are being shaded in PF lib, XML is not one of them. But I guess there is no harm to cherry pick that commit in PRO/ELITE branches (if possible) Up to @mertsincan