Uploaded image for project: 'Flume'
  1. Flume
  2. FLUME-3131

Upgrade spring framework library dependencies

    Details

    • Type: Bug
    • Status: Resolved
    • Priority: Critical
    • Resolution: Fixed
    • Affects Version/s: 1.7.0
    • Fix Version/s: 1.8.0
    • Component/s: None
    • Labels:

      Description

      Group Artifact Version used Upgrade target
      org.springframework spring-aop 3.0.7.RELEASE 4.3.9.RELEASE,
      org.springframework spring-context 3.0.7.RELEASE 4.3.9.RELEASE,
      org.springframework spring-core 3.0.7.RELEASE 4.3.9.RELEASE,

      Security vulnerability: https://www.cvedetails.com/vulnerability-list/vendor_id-9664/product_id-17274/Springsource-Spring-Framework.html
      Maven repositories:

      Please do:

      • CVE might be a false alarm or mistake. Please double check.
      • double check the newest version.
      • consider to remove a dependency if better alternative is available.
      • check whether the lib change would introduce a backward incompatibility (in which case please add this label `breaking_change` and fix version should be the next major)

      Excerpt from mvn dependency:tree

      org.apache.flume.flume-ng-sources:flume-jms-source:jar:1.8.0-SNAPSHOT
      \- org.apache.activemq:activemq-core:jar:5.7.0:provided
         +- org.springframework:spring-context:jar:3.0.7.RELEASE:provided
         |  +- org.springframework:spring-aop:jar:3.0.7.RELEASE:provided
         |  +- org.springframework:spring-beans:jar:3.0.7.RELEASE:provided
         |  +- org.springframework:spring-core:jar:3.0.7.RELEASE:provided
         |  +- org.springframework:spring-expression:jar:3.0.7.RELEASE:provided
         |  \- org.springframework:spring-asm:jar:3.0.7.RELEASE:provided
      

        Attachments

        1. FLUME-3131.patch
          1 kB
          Ferenc Szabo
        2. FLUME-3131-1.patch
          1 kB
          Ferenc Szabo

          Issue Links

            Activity

              People

              • Assignee:
                fszabo Ferenc Szabo
                Reporter:
                sati Attila Simon
              • Votes:
                0 Vote for this issue
                Watchers:
                6 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved: