zookeeper-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Patrick Hunt <ph...@apache.org>
Subject Keeping on top of ZK dependencies.
Date Sat, 16 Sep 2017 21:51:42 GMT
Abe Fine recently submitted a patch to look for known security issues
(CVEs) in third party dependencies:

This is a very useful tool - thanks Abe!

It was committed to trunk and I recently cherrypicked it onto 3.4 and 3.5
code lines.

I ran the check on all open branches (trunk/3.4/3.5) and it's mostly clean,
although there is a recent issue identified in Jetty that we should take
care of (3.5+ only) - that said the severity for us seems low (not sure if
we expose that functionality).


  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message