atlas-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Apoorv Naik (JIRA)" <j...@apache.org>
Subject [jira] [Updated] (ATLAS-2671) Version upgrade to mitigate CVE
Date Thu, 10 May 2018 17:12:00 GMT

     [ https://issues.apache.org/jira/browse/ATLAS-2671?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]

Apoorv Naik updated ATLAS-2671:
-------------------------------
    Attachment: 0001-CVE-Jackson-and-Lucene-dependency-upgrade.patch
                0002-CVE-Spring-upgrades.patch

> Version upgrade to mitigate CVE
> -------------------------------
>
>                 Key: ATLAS-2671
>                 URL: https://issues.apache.org/jira/browse/ATLAS-2671
>             Project: Atlas
>          Issue Type: Improvement
>            Reporter: Apoorv Naik
>            Assignee: Apoorv Naik
>            Priority: Major
>             Fix For: 1.0.0
>
>         Attachments: 0001-CVE-Jackson-and-Lucene-dependency-upgrade.patch, 0002-CVE-Spring-upgrades.patch
>
>
> Spring and Jackson have certain CVEs related to remote code execution. Upgrading the
versions would resolve this vulnerability.



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

Mime
View raw message