Uploaded image for project: 'Apache Apex Core'
  1. Apache Apex Core
  2. APEXCORE-815

Whitelist CVE-2016-6811

    XMLWordPrintableJSON

Details

    • Task
    • Status: Resolved
    • Major
    • Resolution: Fixed
    • None
    • 4.0.0
    • None
    • None

    Description

      There is an old vulnerability in Yarn version 2.7.3 and below (please see CVE-2016-6811) that was recently marked as severity 9 and now it breaks Apex build. Based on my analysis, the vulnerability affects Yarn cluster itself (see YARN-5121).

      Attachments

        Issue Links

          is related to

          Bug - A problem which impairs or prevents the functions of the product. YARN-5121 fix some container-executor portability issues

          • Blocker - Blocks development and/or testing work, production could not run
          • Resolved
          links to

          Web Link CVE-2016-6811

          Web Link GitHub Pull Request #601

          Activity

            People

              vrozov Vlad Rozov
              vrozov Vlad Rozov
              Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: