Uploaded image for project: 'ZooKeeper'
  1. ZooKeeper
  2. ZOOKEEPER-4645

Backport ZOOKEEPER-3941 (commons-cli upgrade) to branch-3.6

    XMLWordPrintableJSON

Details

    • Task
    • Status: Closed
    • Major
    • Resolution: Fixed
    • None
    • 3.6.4
    • None
    • None

    Description

      commons-cli 1.2 is affected by a known vulnerability (). To fix it, we need to upgrade, but versions 1.3+ deprecated some classes we use in the code. In ZOOKEEPER-3941 we upgraded to commons-cli to version 1.4, but this was originally shipped only in ZooKeeper 3.7.0+.

       

      To fix the CVE before the release 3.6.4, we need to update commons-cli (by backporting ZOOKEEPER-3941) on branch-3.6.

      Attachments

        Issue Links

          Activity

            People

              symat Mate Szalay-Beko
              symat Mate Szalay-Beko
              Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: