Queries regarding Apache Ant 1.7.0

classic Classic list List threaded Threaded
3 messages Options
Reply | Threaded
Open this post in threaded view
|

Queries regarding Apache Ant 1.7.0

Shrey Bhatt
 Hello Team,

This is regarding the library Apache Ant 1.7.0 version released earlier
under Apache Software.

We are using the library in our application and would like to know the
following:
1. Is the library Apache Ant 1.7.0 currently supported by your team?
2. Were there any security vulnerabilities reported for Apache Ant 1.7.0
which could affect the application
3. In case if support is not provided or there are security
vulnerabilities, could you please let us know the version which could
provide us support as well as using which we could get rid of those
vulnerabilities?

Please provide information on the above, since we are assessing the
application for any possible security threats.

Thanks and Regards,
Shrey Bhatt
Reply | Threaded
Open this post in threaded view
|

Re: Queries regarding Apache Ant 1.7.0

Jaikiran Pai
Ant 1.7.x is more than a decade old release. It certainly isn't
"supported" by the Ant development team. When I say supported, I mean,
there are no 1.7.x specific branches or fixes that happen for that version.

Ant right now ships two version series. The 1.9.x series (latest
available version is 1.9.15) which requires a minimum of Java 5 runtime
for use. The 1.10.x series (latest version is 1.10.8) which requires a
minimum of Java 8 runtime for use. We have been considering stopping
1.9.x series as well, but that vote hasn't passed for now.

I would recommend using 1.10.x series of Ant. The binaries can be
downloaded at https://ant.apache.org/bindownload.cgi

-Jaikiran

On 17/06/20 10:53 pm, Shrey Bhatt wrote:

>  Hello Team,
>
> This is regarding the library Apache Ant 1.7.0 version released earlier
> under Apache Software.
>
> We are using the library in our application and would like to know the
> following:
> 1. Is the library Apache Ant 1.7.0 currently supported by your team?
> 2. Were there any security vulnerabilities reported for Apache Ant 1.7.0
> which could affect the application
> 3. In case if support is not provided or there are security
> vulnerabilities, could you please let us know the version which could
> provide us support as well as using which we could get rid of those
> vulnerabilities?
>
> Please provide information on the above, since we are assessing the
> application for any possible security threats.
>
> Thanks and Regards,
> Shrey Bhatt
>

---------------------------------------------------------------------
To unsubscribe, e-mail: [hidden email]
For additional commands, e-mail: [hidden email]

Reply | Threaded
Open this post in threaded view
|

Re: Queries regarding Apache Ant 1.7.0

Stefan Bodewig
In reply to this post by Shrey Bhatt
just adding one more detail to what Jaikiran said:

On 2020-06-17, Shrey Bhatt wrote:

> 2. Were there any security vulnerabilities reported for Apache Ant 1.7.0
> which could affect the application

Yes, there have been. Please see https://ant.apache.org/security.html

Stefan

---------------------------------------------------------------------
To unsubscribe, e-mail: [hidden email]
For additional commands, e-mail: [hidden email]