accumulo-notifications mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From GitBox <...@apache.org>
Subject [GitHub] [accumulo] ctubbsii commented on issue #1072: Upgrade jetty to fix CVE
Date Wed, 03 Apr 2019 17:48:50 GMT
ctubbsii commented on issue #1072: Upgrade jetty to fix CVE
URL: https://github.com/apache/accumulo/pull/1072#issuecomment-479591557
 
 
   One thing I've found about security alerts: if you dismiss them, you cannot un-dismiss
them, so let's be sure that's what we want to do before they are dismissed. We can still see
the dismissed ones, though. I think marking it as inaccurate is appropriate. I verified on
the bugzilla that the CVE does not apply to 9.2, since it's a bug in an HTTP/2 feature only,
and 9.2 doesn't support HTTP/2 at all.
   
   However, we should still update to the latest 9.2.

----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
 
For queries about this service, please contact Infrastructure at:
users@infra.apache.org


With regards,
Apache Git Services

Mime
View raw message