Uploaded image for project: 'Flink'
  1. Flink
  2. FLINK-8308

Update yajl-ruby dependency to 1.3.1 or higher

Attach filesAttach ScreenshotVotersWatch issueWatchersCreate sub-taskLinkCloneUpdate Comment AuthorReplace String in CommentUpdate Comment VisibilityDelete Comments
    XMLWordPrintableJSON

    Details

    • Type: Task
    • Status: Closed
    • Priority: Critical
    • Resolution: Fixed
    • Affects Version/s: None
    • Fix Version/s: 1.4.2, 1.5.0
    • Component/s: Project Website
    • Labels:
      None

      Description

      We got notified that yajl-ruby < 1.3.1, a dependency which is used to build the Flink website, has a security vulnerability of high severity.

      We should update yajl-ruby to 1.3.1 or higher.

      Since the website is built offline and served as static HTML, I don't think this is a super critical issue (please correct me if I'm wrong), but we should resolve this soon.

        Attachments

          Activity

            People

            • Assignee:
              stevenlangbroek Steven Langbroek
              Reporter:
              fhueske Fabian Hueske

              Dates

              • Created:
                Updated:
                Resolved:

                Issue deployment