[IMPALA-11197] Upgrade pac4j to 4.5.5 to address CVEs - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Task
Status: Resolved
Priority: Major
Resolution: Fixed
Affects Version/s: None
Fix Version/s: Impala 4.1.0
Component/s: Infrastructure
Labels:
None

Epic Color:
ghx-label-5

Description

Impala has a dependency on pac4j, which recently found a vulnerability (CVE-2021-44878). This vulnerability has been addressed in 4.5.5. We should upgrade to get this fix.

Attachments

Activity

People

Assignee:: Joe McDonnell

Reporter:: Joe McDonnell

Votes:: 0 Vote for this issue

Watchers:: 2 Start watching this issue

Dates

Created:: 23/Mar/22 23:46

Updated:: 07/Apr/22 02:16

Resolved:: 07/Apr/22 02:16