remove commons httpclient from main
Bug #1075359 reported by
Seth Arnold
This bug affects 1 person
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
commons-httpclient (Ubuntu) |
New
|
Undecided
|
Unassigned |
Bug Description
Apache Commons HttpClient has not been supported by upstream since 2007; the project page requests all users to migrate to Apache HttpComponents project HttpClient: http://
This is motivated by http://
We should drop the package before our next LTS release to save ourselves the burden of maintaining it any longer than necessary; there's no time like the present.
Thanks
CVE References
To post a comment you must log in.
CVE-2012-5783 is fixed in 3.1-10.2
https:/ /launchpad. net/ubuntu/ +source/ commons- httpclient/ 3.1-10. 2
Removing Commons HttpClient 3.1 forces to remove or to patch all packages depending on it, because there's an API change from v3 to v4
This is the list of ubuntu packages wich will need to be patched to use HttpComponents (libhttpclient- java):
# apt-rdepends -r libcommons- httpclient- java
...
libcommons- httpclient- java dfsg-1build1) htmlunit- java (2.6-jenkins- 6-1fakesync1) dfsg-1build1) docck-plugin- java (1.0-4) javadoc- plugin- java (2.6.1-2) wiki-publisher (1.1.1+ LibO3.5. 2-2ubuntu1) client- java (3.1.3-5) 2ubuntu2)
Reverse Depends: biomaj (1.2.0-3)
Reverse Depends: eclipse-platform (>= 3.7.2-1)
Reverse Depends: fetchexc (2.0-4)
Reverse Depends: gradle (1.0~m3-1)
Reverse Depends: jajuk (1:1.9.5-3)
Reverse Depends: jets3t (0.8.1+
Reverse Depends: jftp (1.52+dfsg-1)
Reverse Depends: jmeter (2.3.4-2ubuntu2)
Reverse Depends: jmeter-http (2.3.4-2ubuntu2)
Reverse Depends: jspwiki (2.8.0-4)
Reverse Depends: libaxis-java (1.4-16)
Reverse Depends: libgradle-core-java (1.0~m3-1)
Reverse Depends: libjabsorb-java (1.3-2)
Reverse Depends: libjenkins-
Reverse Depends: libjenkins-java (1.424.6+dfsg-1)
Reverse Depends: libjets3t-java (0.8.1+
Reverse Depends: libmaven-
Reverse Depends: libmaven-
Reverse Depends: libreoffice-
Reverse Depends: libuima-as-java (2.3.1-2)
Reverse Depends: libwagon-java (1.0.0-2ubuntu2)
Reverse Depends: libxmlrpc3-
Reverse Depends: maven (3.0.4-2)
Reverse Depends: rdscli (1.4.007-0ubuntu1)
Reverse Depends: solr-common (>= 1.4.1+dfsg1-
Reverse Depends: triplea (1.3.2.2-2)
...