Uploaded image for project: 'Thrift'
  1. Thrift
  2. THRIFT-5075

Backport fixes for CVE-2019-0205 to (Java) 0.9.3-1 version

    XMLWordPrintableJSON

Details

    • Bug
    • Status: Resolved
    • Major
    • Resolution: Won't Fix
    • None
    • None
    • Java - Library
    • None

    Description

      Similar to THRIFT-4506, would it be possible to backport fixes for CVE-2019-0205 to 0.9.x branch. There are still several projects still relying on 0.9.3-1, and the vulnerability seems to impact them as well.

      I believe the fix for Java was part of THRIFT-4024

      Attachments

        Issue Links

          relates to

          Bug - A problem which impairs or prevents the functions of the product. THRIFT-4024 Skip() should throw on unknown data types

          • Major - Major loss of function.
          • Closed
          links to

          Web Link GitHub Pull Request #1993

          Activity

            People

              Unassigned Unassigned
              laurent Laurent Goujon
              Votes:
              0 Vote for this issue
              Watchers:
              4 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved:

                Time Tracking

                  Estimated:
                  Original Estimate - Not Specified
                  Not Specified
                  Remaining:
                  Remaining Estimate - 0h
                  0h
                  Logged:
                  Time Spent - 0.5h
                  0.5h