[NIFI-10804] Update okhttp-digest to version 2.7 - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Improvement
Status: Resolved
Priority: Minor
Resolution: Fixed
Affects Version/s: 1.18.0
Fix Version/s: 1.19.0
Component/s: None
Labels:
None

Description

The version of okhttp-digest used in the NiFi lookup services is outdated and should be updated to remediate https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15250

The current version used there is 2.5, with the most recent version being 2.7. Release notes https://github.com/rburgst/okhttp-digest/blob/2.7/release-notes.md

Attachments

Issue Links

links to

GitHub Pull Request #6681

Activity

People

Assignee:: Pierre Villard

Reporter:: Mike R

Votes:: 0 Vote for this issue

Watchers:: 2 Start watching this issue

Dates

Created:: 11/Nov/22 17:20

Updated:: 18/Nov/22 15:44

Resolved:: 18/Nov/22 15:44

Time Tracking

Estimated:

Not Specified

Remaining:

0h

Logged:

20m