Uploaded image for project: 'Apache NiFi'
  1. Apache NiFi
  2. NIFI-5108

Update to Commons Compress to 1.16.1

Agile BoardAttach filesAttach ScreenshotVotersStop watchingWatchersCreate sub-taskLinkCloneUpdate Comment AuthorReplace String in CommentUpdate Comment VisibilityDelete Comments
    XMLWordPrintableJSON

Details

    • Improvement
    • Status: Resolved
    • Major
    • Resolution: Fixed
    • None
    • 1.7.0
    • None
    • None

    Description

      https://commons.apache.org/proper/commons-compress/security-reports.html

      ./nar/framework/nifi-framework-nar-1.7.0-SNAPSHOT.nar-unpacked/META-INF/bundled-dependencies/commons-compress-1.15.jar

      ./nar/extensions/nifi-media-nar-1.7.0-SNAPSHOT.nar-unpacked/META-INF/bundled-dependencies/commons-compress-1.14.jar
      ./nar/extensions/nifi-avro-nar-1.7.0-SNAPSHOT.nar-unpacked/META-INF/bundled-dependencies/commons-compress-1.8.1.jar
      ./nar/extensions/nifi-hive-nar-1.7.0-SNAPSHOT.nar-unpacked/META-INF/bundled-dependencies/commons-compress-1.4.1.jar
      ./nar/extensions/nifi-parquet-nar-1.7.0-SNAPSHOT.nar-unpacked/META-INF/bundled-dependencies/commons-compress-1.8.1.jar
      ./nar/extensions/nifi-kudu-nar-1.7.0-SNAPSHOT.nar-unpacked/META-INF/bundled-dependencies/commons-compress-1.8.1.jar
      ./nar/extensions/nifi-beats-nar-1.7.0-SNAPSHOT.nar-unpacked/META-INF/bundled-dependencies/commons-compress-1.15.jar
      ./nar/extensions/nifi-record-serialization-services-nar-1.7.0-SNAPSHOT.nar-unpacked/META-INF/bundled-dependencies/commons-compress-1.8.1.jar
      ./nar/extensions/nifi-hadoop-nar-1.7.0-SNAPSHOT.nar-unpacked/META-INF/bundled-dependencies/commons-compress-1.15.jar
      ./nar/extensions/nifi-confluent-platform-nar-1.7.0-SNAPSHOT.nar-unpacked/META-INF/bundled-dependencies/commons-compress-1.8.1.jar
      ./nar/extensions/nifi-lumberjack-nar-1.7.0-SNAPSHOT.nar-unpacked/META-INF/bundled-dependencies/commons-compress-1.15.jar
      ./nar/extensions/nifi-hbase_1_1_2-client-service-nar-1.7.0-SNAPSHOT.nar-unpacked/META-INF/bundled-dependencies/commons-compress-1.4.1.jar
      ./nar/extensions/nifi-site-to-site-reporting-nar-1.7.0-SNAPSHOT.nar-unpacked/META-INF/bundled-dependencies/commons-compress-1.8.1.jar
      ./nar/extensions/nifi-cassandra-nar-1.7.0-SNAPSHOT.nar-unpacked/META-INF/bundled-dependencies/commons-compress-1.8.1.jar
      ./nar/extensions/nifi-hadoop-libraries-nar-1.7.0-SNAPSHOT.nar-unpacked/META-INF/bundled-dependencies/commons-compress-1.8.1.jar
      ./nar/extensions/nifi-standard-nar-1.7.0-SNAPSHOT.nar-unpacked/META-INF/bundled-dependencies/commons-compress-1.15.jar
      ./nar/extensions/nifi-registry-nar-1.7.0-SNAPSHOT.nar-unpacked/META-INF/bundled-dependencies/commons-compress-1.8.1.jar
      ./nar/extensions/nifi-hwx-schema-registry-nar-1.7.0-SNAPSHOT.nar-unpacked/META-INF/bundled-dependencies/commons-compress-1.8.1.jar

      And spring data commons 1.13.3 which is in our redis bundle needs to be updated
      https://pivotal.io/security/cve-2018-1273

      Attachments

        Activity
          This comment will be Viewable by All Users Viewable by All Users
          Cancel

          People

            joewitt Joe Witt
            joewitt Joe Witt
            Votes:
            0 Vote for this issue
            Watchers:
            4 Stop watching this issue

            Dates

              Created:
              Updated:
              Resolved:

              Slack

                Issue deployment