Details
-
Bug
-
Status: Resolved
-
Critical
-
Resolution: Fixed
-
1.7.0
-
None
-
Flume no longer has commons-beanutils as a dependency.
Description
Group | Artifact | Version used | Upgrade target |
---|---|---|---|
commons-beanutils | commons-beanutils | 1.7.0 | 1.9.3 |
commons-beanutils | commons-beanutils-core | 1.8.0 | 1.8.3 |
Security vulnerability: https://www.cvedetails.com/cve/CVE-2014-0114/
Please do:
- double check the newest version.
- consider to remove a dependency if better alternative is available.
- check whether the lib change would introduce a backward incompatibility (in which case please add this label `breaking_change` and fix version should be the next major)
Attachments
Issue Links
- Is contained by
-
FLUME-3151 Upgrade Hadoop to 2.10.1
- Resolved