zookeeper-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Patrick Hunt <ph...@apache.org>
Subject Re: owasp job just started flagging slf4j
Date Mon, 17 Dec 2018 01:42:26 GMT
Sounds reasonable Enrico. Do you want to submit a PR against ZOOKEEPER-3217
<https://issues.apache.org/jira/browse/ZOOKEEPER-3217> and I'll
review/commit it? We can revert the patch as part of finally resolving that
issue.

Patrick

On Sat, Dec 15, 2018 at 2:39 PM Enrico Olivelli <eolivelli@gmail.com> wrote:

> Can we whitelist that jar in the meantime?
>
> Enrico
>
> Il sab 15 dic 2018, 01:28 Patrick Hunt <phunt@apache.org> ha scritto:
>
> >
> >
> https://builds.apache.org/view/S-Z/view/ZooKeeper/job/ZooKeeper-trunk-owasp/204/artifact/build/test/owasp/dependency-check-vulnerability.html
> >
> > https://nvd.nist.gov/vuln/detail/CVE-2018-8088
> >
> > We don't use EventData but should consider upgrading.
> >
> > https://issues.apache.org/jira/browse/ZOOKEEPER-3217
> >
> > Patrick
> >
> --
>
>
> -- Enrico Olivelli
>

Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message