Uploaded image for project: 'Ignite'
  1. Ignite
  2. IGNITE-8984

Ignite 2.5 - Vulnerabilities

    XMLWordPrintableJSON

Details

    • Bug
    • Status: Resolved
    • Major
    • Resolution: Fixed
    • None
    • 2.8
    • None
    • Important

    Description

      Recently we have scanned Apache Ignite 2.5 source code and all the associated maven packages using Blackduck. The scan identified with many of the dependencies for Ignite 2.5. Many of these vulnerabilities are rated as High risk vulnerabilities. I've attached the vulnerability report to this ticket.

       

      Attachments

        Issue Links

          incorporates

          Improvement - An improvement or enhancement to an existing feature or task. IGNITE-9035 Update log4j 2x version in Apache Ignite

          • Major - Major loss of function.
          • Resolved

          Improvement - An improvement or enhancement to an existing feature or task. IGNITE-9036 Update FasterXML jackson-databind dependency version in Apache Ignite

          • Major - Major loss of function.
          • Resolved

          Improvement - An improvement or enhancement to an existing feature or task. IGNITE-9046 Actualize dependency versions for Cassandra Cache Store

          • Major - Major loss of function.
          • Resolved

          Improvement - An improvement or enhancement to an existing feature or task. IGNITE-9057 Update JCraft dependency version in Apache Ignite

          • Major - Major loss of function.
          • Resolved

          Improvement - An improvement or enhancement to an existing feature or task. IGNITE-9058 Update Apache Tomcat dependency version

          • Major - Major loss of function.
          • Resolved

          Improvement - An improvement or enhancement to an existing feature or task. IGNITE-9073 Ignite modules should use jackson2 dependency rater then jackson1

          • Major - Major loss of function.
          • Resolved

          Task - A task that needs to be done. IGNITE-9349 Update Spring Data 2x and 1x and Spring 5x and 4x versions

          • Critical - Crashes, loss of data, severe memory leak.
          • Resolved

          Task - A task that needs to be done. IGNITE-9123 Update Apache commons-collections in ignite-yarn module

          • Major - Major loss of function.
          • Resolved

          Task - A task that needs to be done. IGNITE-9126 Update Apache Kafka dependency

          • Major - Major loss of function.
          • Resolved

          Task - A task that needs to be done. IGNITE-9131 Upgrade guava version in Apache Ignite

          • Major - Major loss of function.
          • Resolved

          Task - A task that needs to be done. IGNITE-9132 Update Apache Camel dependency version

          • Major - Major loss of function.
          • Resolved
          is related to

          Task - A task that needs to be done. IGNITE-9340 Update Jetty version in Apache Ignite (ignite-rest-http)

          • Major - Major loss of function.
          • Resolved
          relates to

          Improvement - An improvement or enhancement to an existing feature or task. IGNITE-9495 Upgrade lucene dependency version.

          • Major - Major loss of function.
          • Resolved

          Activity

            People

              dpavlov Dmitry Pavlov
              navulirs Segu Riluvan
              Votes:
              0 Vote for this issue
              Watchers:
              3 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: