Uploaded image for project: 'Apache Storm'
  1. Apache Storm
  2. STORM-3900

Upgrade Cassandra version to avoid depedency on snakeyaml 1.3

Attach filesAttach ScreenshotVotersWatch issueWatchersCreate sub-taskLinkCloneUpdate Comment AuthorReplace String in CommentUpdate Comment VisibilityDelete Comments
    XMLWordPrintableJSON

Details

    • Dependency upgrade
    • Status: Resolved
    • Major
    • Resolution: Fixed
    • None
    • 2.5.0
    • None
    • None

    Description

      Snakeyaml 1.3 has a security vulnerability. Cassandra version is storm has pulls in this version. Upgrade Cassandra to a version that uses snakeyaml 2.0.

      See Storm snakeyaml 2.0 upgrade in PR: https://github.com/apache/storm/pull/3523

      Attachments

        Activity

          This comment will be Viewable by All Users Viewable by All Users
          Cancel

          People

            Unassigned Unassigned
            bipinprasad Bipin Prasad
            Votes:
            0 Vote for this issue
            Watchers:
            1 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved:

              Time Tracking

                Estimated:
                Original Estimate - Not Specified
                Not Specified
                Remaining:
                Remaining Estimate - 0h
                0h
                Logged:
                Time Spent - 1h 50m
                1h 50m

                Slack

                  Issue deployment