Uploaded image for project: 'Apache Drill'
  1. Apache Drill
  2. DRILL-7946

Bump HttpClient from 4.5.12 to 4.5.13 for CVE-2020-13956

    XMLWordPrintableJSON

Details

    • Improvement
    • Status: Resolved
    • Major
    • Resolution: Fixed
    • None
    • 1.19.0
    • None
    • None

    Description

      Apache HttpClient versions prior to version 4.5.13 and 5.0.3 can misinterpret malformed authority component in request URIs passed to the library as java.net.URI object and pick the wrong target host for request execution.

      Attachments

        Activity

          People

            luoc Cong Luo
            luoc Cong Luo
            Votes:
            0 Vote for this issue
            Watchers:
            2 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved: