Uploaded image for project: 'Ratis'
  1. Ratis
  2. RATIS-1532

Fix RaftProperties security warning

    XMLWordPrintableJSON

Details

    • Bug
    • Status: Resolved
    • Major
    • Resolution: Fixed
    • None
    • 2.3.0
    • common
    • None

    Description

      There is a security alert in RaftProperties.writeXml(Writer):

      XML parsers should not be vulnerable to XXE attacks

      The code was copied from Hadoop but not used in Ratis. We should simply remove it.

      Attachments

        Issue Links

          links to

          Web Link GitHub Pull Request #608

          Activity

            People

              szetszwo Tsz-wo Sze
              szetszwo Tsz-wo Sze
              Votes:
              0 Vote for this issue
              Watchers:
              1 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved:

                Time Tracking

                  Estimated:
                  Original Estimate - Not Specified
                  Not Specified
                  Remaining:
                  Remaining Estimate - 0h
                  0h
                  Logged:
                  Time Spent - 20m
                  20m