helix-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Hudson (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (HELIX-257) Upgrade Restlet to 2.1.4 - due security flaw
Date Mon, 21 Oct 2013 18:24:41 GMT

    [ https://issues.apache.org/jira/browse/HELIX-257?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13800918#comment-13800918
] 

Hudson commented on HELIX-257:
------------------------------

FAILURE: Integrated in helix #1194 (See [https://builds.apache.org/job/helix/1194/])
[HELIX-257] Upgraded restlet from 1.1.10 to 2.1.4 (merged pull request from mrietveld) (kanak:
rev 422434240c9862b91a332f5effb8258903faaf49)
* helix-admin-webapp/src/main/java/org/apache/helix/webapp/resources/SchedulerTasksResource.java
* helix-admin-webapp/src/main/java/org/apache/helix/webapp/resources/ErrorsResource.java
* helix-admin-webapp/src/main/java/org/apache/helix/webapp/resources/ControllerStatusUpdateResource.java
* helix-admin-webapp/src/main/java/org/apache/helix/webapp/resources/ConstraintResource.java
* helix-admin-webapp/src/main/java/org/apache/helix/webapp/resources/ClusterRepresentationUtil.java
* helix-core/src/main/java/org/apache/helix/controller/restlet/ZNRecordUpdateResource.java
* helix-core/pom.xml
* helix-admin-webapp/src/main/java/org/apache/helix/webapp/resources/ZkChildResource.java
* helix-admin-webapp/src/main/java/org/apache/helix/webapp/resources/ZkPathResource.java
* helix-admin-webapp/src/main/java/org/apache/helix/webapp/resources/ExternalViewResource.java
* helix-admin-webapp/src/main/java/org/apache/helix/webapp/resources/StateModelsResource.java
* helix-admin-webapp/src/main/java/org/apache/helix/webapp/resources/IdealStateResource.java
* helix-admin-webapp/src/main/java/org/apache/helix/webapp/resources/ResourceGroupResource.java
* helix-admin-webapp/src/main/java/org/apache/helix/webapp/resources/ControllerResource.java
* helix-core/src/main/java/org/apache/helix/manager/zk/ZNRecordStreamingSerializer.java
* helix-admin-webapp/src/main/java/org/apache/helix/webapp/resources/CurrentStatesResource.java
* helix-admin-webapp/src/main/java/org/apache/helix/webapp/resources/StatusUpdatesResource.java
* helix-admin-webapp/src/main/java/org/apache/helix/webapp/resources/ConfigResource.java
* helix-admin-webapp/src/main/java/org/apache/helix/webapp/resources/ResourceGroupsResource.java
* helix-admin-webapp/src/main/java/org/apache/helix/webapp/resources/ErrorResource.java
* helix-admin-webapp/src/test/java/org/apache/helix/tools/TestHelixAdminScenariosRest.java
* helix-core/src/main/java/org/apache/helix/controller/restlet/ZkPropertyTransferApplication.java
* helix-core/src/main/java/org/apache/helix/controller/restlet/ZKPropertyTransferServer.java
* helix-admin-webapp/pom.xml
* helix-admin-webapp/src/main/java/org/apache/helix/webapp/resources/CurrentStateResource.java
* helix-admin-webapp/src/main/java/org/apache/helix/webapp/resources/StateModelResource.java
* helix-admin-webapp/src/main/java/org/apache/helix/webapp/RestAdminApplication.java
* helix-admin-webapp/src/test/java/org/apache/helix/webapp/TestClusterManagementWebapp.java
* helix-admin-webapp/src/main/java/org/apache/helix/webapp/resources/ClusterResource.java
* helix-admin-webapp/src/main/java/org/apache/helix/webapp/resources/StatusUpdateResource.java
* helix-admin-webapp/src/main/java/org/apache/helix/webapp/resources/InstancesResource.java
* pom.xml
* helix-admin-webapp/src/main/java/org/apache/helix/webapp/resources/InstanceResource.java
* helix-admin-webapp/src/main/java/org/apache/helix/webapp/resources/JsonParameters.java
* helix-admin-webapp/src/main/java/org/apache/helix/webapp/resources/ClustersResource.java
* helix-core/src/main/java/org/apache/helix/controller/restlet/ZkPropertyTransferClient.java
* helix-agent/pom.xml


> Upgrade Restlet to 2.1.4 - due security flaw
> --------------------------------------------
>
>                 Key: HELIX-257
>                 URL: https://issues.apache.org/jira/browse/HELIX-257
>             Project: Apache Helix
>          Issue Type: Bug
>          Components: helix-core
>    Affects Versions: 0.6.0-incubating, 0.6.1-incubating, 0.6.2-incubating
>            Reporter: Alexadre Porcelli
>            Assignee: Kanak Biscuitwala
>            Priority: Critical
>         Attachments: 0001-HELIX-257-Upgraded-restlet-from-1.1.10-to-2.1.4.patch
>
>
> The current version of Restlet used by Helix has at least 2 know security flaws CVE-2013-4221
and CVE-2013-4271.
> Those issues are addressed in Restlet 2.1.4



--
This message was sent by Atlassian JIRA
(v6.1#6144)

Mime
View raw message