Hello
In a recent Software composition analysis, some of the open libraries used in crystal reports were reported as outdated and hence categorized as Vulnerable. We are using Crystal reports 2013
Libraries like
Apache Log4Net1.2.10 , apache/xerces-c2.1.0 , apache/xerces-c2.7.0
curl7.13.2, libjpeg6b, libpng1.0.30, zlib1.2.3
We are planning to upgrade Crystal reports to Version 2020. But does that resolve issue with outdated libraries?
I see, for example, the Zlib library's latest version was released in October 2022.
How do SAP ensure that Crystal reports outdated open-source libraries are updated regularly?