Details
-
Improvement
-
Status: Resolved
-
Minor
-
Resolution: Fixed
-
None
-
None
-
None
Description
The httpcomponent dependencies in Ranger should be updated due to a number of CVE advisories:
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-3577
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-5262
The patch contains the following dependency updates:
httpcomponents.httpclient.version: 4.2.5 ==> 4.5.1
httpcomponents.httpcore.version: 4.2.5 ==> 4.4.3
httpcomponents.httpmime.version: 4.2.5 ==> 4.5.1
Attachments
Attachments
Issue Links
- relates to
-
RANGER-1235 Usersync creates logs many errors with $ in the username or groupname
- Resolved
- links to