Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[ELY-2723] Fix failures in SSLAuthenticationTestCase with SE 21 #2113

Merged
merged 1 commit into from
May 6, 2024

Conversation

Skyllarr
Copy link
Contributor

@Skyllarr Skyllarr commented Mar 14, 2024

https://issues.redhat.com/browse/ELY-2723

This solution passes on JDK 21 but it is not ideal as the dependency version <version.org.glassfish.jaxb.jaxb-runtime>2.4.0-b180830.0438</version.org.glassfish.jaxb.jaxb-runtime> is older and contains vulnerabilities: https://mvnrepository.com/artifact/org.glassfish.jaxb/jaxb-runtime/2.4.0-b180830.0438 . This specific version is also used in wildfly repo: https://github.com/wildfly/wildfly/blob/main/testsuite/integration/elytron/pom.xml#L46 but it should be updated there as well. When I update the version to latest, the test does not pass anymore. So this needs further investigation later.

@Skyllarr Skyllarr requested a review from fjuma as a code owner March 14, 2024 17:34
@Skyllarr Skyllarr added the hold label Mar 14, 2024
Copy link
Contributor

@fjuma fjuma left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks @Skyllarr! Since the Elytron OCSP tests in WildFly also depend on the same org.glassfish.jaxb.jaxb-runtime version, I think we could get this merged and get a follow up issue created to upgrade both the ocsp-server and org.glassfish.jaxb.jaxb-runtime versions.

@Skyllarr
Copy link
Contributor Author

@fjuma Good point, I created https://issues.redhat.com/browse/ELY-2736 and https://issues.redhat.com/browse/WFLY-19144 for upgrading the versions and I'm removing the hold label

@Skyllarr Skyllarr added +1 FJ and removed hold labels Mar 18, 2024
@Skyllarr
Copy link
Contributor Author

@ivassile This one can be reviewed if you'll have some time. Thank you!

@fjuma fjuma requested a review from ivassile March 19, 2024 13:33
@ivassile ivassile added the +1 IV label Mar 19, 2024
@Skyllarr
Copy link
Contributor Author

Skyllarr commented May 6, 2024

@fjuma Just noticed that this one can be merged now

@fjuma fjuma merged commit 460cda3 into wildfly-security:2.x May 6, 2024
3 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
Development

Successfully merging this pull request may close these issues.

3 participants