curator-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Mujassim Sheikh (JIRA)" <j...@apache.org>
Subject [jira] [Updated] (CURATOR-484) CVE-2014-0085, CVE-2018-8012 known security vulnerabilities
Date Mon, 12 Nov 2018 13:46:00 GMT

     [ https://issues.apache.org/jira/browse/CURATOR-484?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]

Mujassim Sheikh updated CURATOR-484:
------------------------------------
    Description: 
1.org.apache.curator:curator-recipes:jar:4.0.1 having known security vulnerabilities *[CVE-2014-0085|http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-0085]*

2. Due to the dependency on apache zookeeper 3.5.3-beta, curator is vulnerable to CVE-2018-8012
We should change it to use 3.5.4-beta as soon as possible.

 

  was:
1. org.apache.curator:curator-recipes:jar:4.0.1 having known security vulnerabilities *[CVE-2014-0085|http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-0085]*

2. Is also dependent on org.apache.zookeeper:zookeeper:jar:3.5.3-beta having security vulnerabilities CVE-2018-8012.

 


> CVE-2014-0085, CVE-2018-8012 known security vulnerabilities
> -----------------------------------------------------------
>
>                 Key: CURATOR-484
>                 URL: https://issues.apache.org/jira/browse/CURATOR-484
>             Project: Apache Curator
>          Issue Type: Improvement
>            Reporter: Mujassim Sheikh
>            Assignee: Jordan Zimmerman
>            Priority: Major
>
> 1.org.apache.curator:curator-recipes:jar:4.0.1 having known security vulnerabilities *[CVE-2014-0085|http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-0085]*
> 2. Due to the dependency on apache zookeeper 3.5.3-beta, curator is vulnerable to CVE-2018-8012
> We should change it to use 3.5.4-beta as soon as possible.
>  



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

Mime
View raw message