CVE-2024-29736: Update cxf-core to 3.6.4 or higher

Description

We need to update org.apache.cxf/cxf-core to 3.6.4 or higher in order to address CVE-2024-29736 & CVE-2024-32007

Acceptance / Success Criteria

None

Activity

Show:

Christian Pape 3 hours ago

Merged.

Christian Pape 5 hours ago

Please review:

PR: https://github.com/OpenNMS/opennms/pull/7688

Darren Parker 3 days ago

Our client’s security scanner has given these findings ‘Critical’ and ‘High’. If there is any way they can be fixed quickly, that will help us out. Thanks!

Fixed

Details
Assignee
Christian Pape
Reporter
Dino Yancey
Labels
bugfixslasecuritysupport
HB Grooming Date
Apr 01, 2025
HB Backlog Status
Refined Backlog
Sprint
Horizon Apr 2 - Apr 16
Fix versions
Meridian-2024.2.5
Affects versions
Meridian-2023.1.25
Meridian-2024.2.4
33.1.4
Priority
High

PagerDuty

Created 3 days ago

Updated 3 hours ago

Resolved 3 hours ago

CVE-2024-29736: Update cxf-core to 3.6.4 or higher

Description

Acceptance / Success Criteria

Activity

Christian Pape 3 hours ago

Christian Pape 5 hours ago

Darren Parker 3 days ago

Details
Assignee
Christian Pape
Reporter
Dino Yancey
Labels
bugfixslasecuritysupport
HB Grooming Date
Apr 01, 2025
HB Backlog Status
Refined Backlog
Sprint
Horizon Apr 2 - Apr 16
Fix versions
Meridian-2024.2.5
Affects versions
Meridian-2023.1.25
Meridian-2024.2.4
33.1.4
Priority
High

Details

Assignee

Reporter

Labels

HB Grooming Date

HB Backlog Status

Sprint

Fix versions

Affects versions

Priority

PagerDuty

PagerDuty

Flag notifications

Something's gone wrong

Something's gone wrong

CVE-2024-29736: Update cxf-core to 3.6.4 or higher

Description

Acceptance / Success Criteria

Activity

Christian Pape 3 hours ago

Christian Pape 5 hours ago

Darren Parker 3 days ago

DetailsAssigneeChristian PapeChristian PapeReporterDino YanceyDino YanceyLabelsbugfixslasecuritysupportHB Grooming DateApr 01, 2025HB Backlog StatusRefined BacklogSprintHorizon Apr 2 - Apr 16+1Fix versionsMeridian-2024.2.5Affects versionsMeridian-2023.1.25Meridian-2024.2.433.1.4PriorityHigh

Details

Assignee

Reporter

Labels

HB Grooming Date

HB Backlog Status

Sprint

Fix versions

Affects versions

Priority

PagerDutyPagerDuty Incident

PagerDuty

Flag notifications

Something's gone wrong

Something's gone wrong

Details
Assignee
Christian Pape
Reporter
Dino Yancey
Labels
bugfixslasecuritysupport
HB Grooming Date
Apr 01, 2025
HB Backlog Status
Refined Backlog
Sprint
Horizon Apr 2 - Apr 16
Fix versions
Meridian-2024.2.5
Affects versions
Meridian-2023.1.25
Meridian-2024.2.4
33.1.4
Priority
High

PagerDuty