[NIFI-8990] Upgrade Groovy to 2.5.14 and 2.4.21 - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Improvement
Status: Resolved
Priority: Major
Resolution: Fixed
Affects Version/s: None
Fix Version/s: 1.15.0
Component/s: Core Framework, Extensions, NiFi Registry, Tools and Build
Labels:
- security

Description

Groovy versions 2.5.13 and 2.4.20 and have a vulnerability related to directory creation in extension methods as described in CVE-2020-17521. Groovy 2.5.14 and 2.4.21 address this problem as well as other vulnerabilities in earlier versions.

Attachments

Issue Links

links to

GitHub Pull Request #5276

GitHub Pull Request #5284

Activity

People

Assignee:: David Handermann

Reporter:: David Handermann

Votes:: 0 Vote for this issue

Watchers:: 3 Start watching this issue

Dates

Created:: 03/Aug/21 12:46

Updated:: 05/Aug/21 21:31

Resolved:: 05/Aug/21 21:31

Time Tracking

Estimated:

Not Specified

Remaining:

Logged:

1.5h