Uploaded image for project: 'Apache Drill'
  1. Apache Drill
  2. DRILL-7270

Fix non-https dependency urls and add checksum checks

Attach filesAttach ScreenshotVotersWatch issueWatchersCreate sub-taskLinkCloneUpdate Comment AuthorReplace String in CommentUpdate Comment VisibilityDelete Comments
    XMLWordPrintableJSON

Details

    • Task
    • Status: Resolved
    • Major
    • Resolution: Fixed
    • 1.16.0
    • 1.19.0
    • Security
    • None

    Description

      Review any build scripts and configurations for insecure urls and make appropriate fixes to use secure urls.

      Projects like Lucene do checksum whitelists of all their build dependencies, and you may wish to consider that as a
      protection against threats beyond just MITM.

      Attachments

        Issue Links

        Activity

          This comment will be Viewable by All Users Viewable by All Users
          Cancel

          People

            bohdan Bohdan Kazydub
            arina Arina Ielchiieva
            Vova Vysotskyi Vova Vysotskyi
            Votes:
            0 Vote for this issue
            Watchers:
            4 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved:

              Slack

                Issue deployment