Re: OpenCMIS Server 1.1 and possible dependencies with high CVEs

2021-02-05 Thread Florian Müller
Hi Dave, here are a few answers. Re 1: That's correct, the latest released OpenCMIS version is 1.1. Re 2: Yes and no. Apache CXF is only needed if you want to support the Webservices binding (which is rather likely for a CMIS server). It is possible to drop in a newer Apache CXF version, though. R

OpenCMIS Server 1.1 and possible dependencies with high CVEs

2021-02-04 Thread David Radio
Hello! Thank you in advance for your time and attention to my questions. 1. Is it true that the latest release of OpenCMIS Server is version 1.1? 2. Is it acceptable to say OpenCMIS 1.1 is dependent on Apache CXF 3.1.2 which is vulnerable to CVE-2019-12419? 3. Is there a newer release of Ope