[NIFI-11640] Update download-maven-plugin to 1.6.8 for Registry - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Improvement
Status: Resolved
Priority: Minor
Resolution: Fixed
Affects Version/s: None
Fix Version/s: 2.0.0-M1, 1.22.0
Component/s: NiFi Registry, Tools and Build
Labels:
- dependency-upgrade

Description

Bump download-maven-plugin to 1.7.0 to remediate multiple CVEs:

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29425

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13956

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1002200

Attachments

Issue Links

links to

GitHub Pull Request #7337

Activity

People

Assignee:: Siddharth R

Reporter:: Siddharth R

Votes:: 0 Vote for this issue

Watchers:: 3 Start watching this issue

Dates

Created:: 03/Jun/23 18:39

Updated:: 05/Jun/23 16:36

Resolved:: 05/Jun/23 16:36

Time Tracking

Estimated:

Not Specified

Remaining:

0h

Logged:

50m