ignite-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Andrey Gura (JIRA)" <j...@apache.org>
Subject [jira] [Updated] (IGNITE-8471) Apache ignite for .NET has security vulnerabilities
Date Fri, 11 May 2018 16:00:00 GMT

     [ https://issues.apache.org/jira/browse/IGNITE-8471?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]

Andrey Gura updated IGNITE-8471:
--------------------------------
    Fix Version/s:     (was: 2.6)
                   2.5

> Apache ignite for .NET has security vulnerabilities
> ---------------------------------------------------
>
>                 Key: IGNITE-8471
>                 URL: https://issues.apache.org/jira/browse/IGNITE-8471
>             Project: Ignite
>          Issue Type: Bug
>          Components: security
>    Affects Versions: 2.4
>            Reporter: Harendra Rai
>            Assignee: Andrey Gura
>            Priority: Major
>             Fix For: 2.5
>
>
> There are two security vulnerabilities in the latest 2.4.0 version.
>  # commons-beanutils-1.8.3.jar.  Here is the vulnerability id CVE-2014-0114 :  [https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0114]
> *Resolution to this issue is*: All Commons BeanUtils users should upgrade to the latest
version >= commons-beanutils-1.9.2
>  # commons-codec-1.6.jar: Here is the vulnerability detail https://issues.apache.org/jira/browse/CODEC-96
> *Resolution* *to this issue is:* To upgrade to the latest available Version 1.11



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

Mime
View raw message