Uploaded image for project: 'Apache NiFi'
  1. Apache NiFi
  2. NIFI-8929

Upgrade Apache POI to 5.0.0

Attach filesAttach ScreenshotVotersWatch issueWatchersCreate sub-taskLinkCloneUpdate Comment AuthorReplace String in CommentUpdate Comment VisibilityDelete Comments
    XMLWordPrintableJSON

    Details

    • Type: Improvement
    • Status: Resolved
    • Priority: Minor
    • Resolution: Fixed
    • Affects Version/s: 1.15.0
    • Fix Version/s: 1.15.0
    • Component/s: Extensions
    • Labels:

      Description

      The nifi-poi-bundle and nifi-email-bundle modules depend on the Apache POI library for handling Microsoft documents. The current modules depend on 4.0.1, which has a vulnerability related to XML External Entity Processing. Apache POI 5.0.0 resolves this vulnerability and provides a compatible upgrade.

        Attachments

          Activity

            People

            • Assignee:
              exceptionfactory David Handermann
              Reporter:
              exceptionfactory David Handermann

              Dates

              • Created:
                Updated:
                Resolved:

                Time Tracking

                Estimated:
                Original Estimate - Not Specified
                Not Specified
                Remaining:
                Remaining Estimate - 0h
                0h
                Logged:
                Time Spent - 0.5h
                0.5h

                  Issue deployment