Uploaded image for project: 'Apache Drill'
  1. Apache Drill
  2. DRILL-7270

Fix non-https dependency urls and add checksum checks

    XMLWordPrintableJSON

    Details

    • Type: Task
    • Status: Resolved
    • Priority: Major
    • Resolution: Fixed
    • Affects Version/s: 1.16.0
    • Fix Version/s: 1.19.0
    • Component/s: Security
    • Labels:
      None

      Description

      Review any build scripts and configurations for insecure urls and make appropriate fixes to use secure urls.

      Projects like Lucene do checksum whitelists of all their build dependencies, and you may wish to consider that as a
      protection against threats beyond just MITM.

        Attachments

          Issue Links

            Activity

              People

              • Assignee:
                bohdan Bohdan Kazydub
                Reporter:
                arina Arina Ielchiieva
                Reviewer:
                Vova Vysotskyi
              • Votes:
                0 Vote for this issue
                Watchers:
                4 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved: