[CHUKWA-822] Update struts version to avoid security hole - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Bug
Status: Resolved
Priority: Major
Resolution: Fixed
Affects Version/s: None
Fix Version/s: None
Component/s: None
Labels:
None

Description

Apache Struts was imported into Chukwa as dependency by velocity-tools. Struts has a high severity security defect, which is described in CVE-2017-9805. Struts 2.13 patched this security defect, and Chukwa should consider upgradeing to the latest Apache Struts.

Attachments

- Sort By Name
- Sort By Date
- Ascending
- Descending

CHUKWA-822.patch
11/Sep/17 05:10
1 kB
Eric Yang

Activity

People

Assignee:: Unassigned

Reporter:: Eric Yang

Votes:: 0 Vote for this issue

Watchers:: 2 Start watching this issue

Dates

Created:: 11/Sep/17 04:55

Updated:: 11/Nov/17 18:08

Resolved:: 11/Nov/17 17:46