[HIVE-25726] Upgrade velocity to 2.3 due to CVE-2020-13936 - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Task
Status: Closed
Priority: Major
Resolution: Fixed
Affects Version/s: None
Fix Version/s: 4.0.0-alpha-1
Component/s: None
Labels:
- pull-request-available
- release-3.1.3

Description

Velocity project announced CVE-2020-13936 on 20210309 and through NVD 20210317 to get detected internally.

Attachments

Issue Links

links to

GitHub Pull Request #2805

GitHub Pull Request #4308

Activity

People

Assignee:: Sourabh Goyal

Reporter:: Sourabh Goyal

Votes:: 0 Vote for this issue

Watchers:: 2 Start watching this issue

Dates

Created:: 19/Nov/21 11:08

Updated:: 23/May/23 14:32

Resolved:: 10/Jan/22 19:08

Time Tracking

Estimated:

Not Specified

Remaining:

0h

Logged:

1h 20m