Uploaded image for project: 'Ranger'
  1. Ranger
  2. RANGER-3100

Upgrade httpclient version from 4.5.6 to 4.5.13+ due to CVE-2020-13956

    XMLWordPrintableJSON

Details

    • Bug
    • Status: Resolved
    • Major
    • Resolution: Fixed
    • None
    • 3.0.0
    • Ranger
    • None

    Description

      Ranger is pulling in httpclient 4.5.6. Please upgrade to httpclient 4.5.13+. 

      CVE-2020-13956: https://snyk.io/vuln/SNYK-JAVA-ORGAPACHEHTTPCOMPONENTS-1016906

      Attachments

        1. 0001-RANGER-3100-Upgrade-httpclient-version-from-4.5.6-to.patch
          6 kB
          Pradeep Agrawal
        2. 0001-RANGER-3100-Upgrade-httpclient-version-from-4.5.6-to.patch
          6 kB
          Pradeep Agrawal
        3. RANGER-3100-V1.patch
          6 kB
          Mahesh Hanumant Bandal

        Issue Links

          links to

          Web Link Apache review request

          Activity

            People

              pradeep Pradeep Agrawal
              saketjajoo77 Saket Jajoo
              Votes:
              0 Vote for this issue
              Watchers:
              4 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: