You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@ratis.apache.org by "Tsz-wo Sze (Jira)" <ji...@apache.org> on 2022/02/23 15:43:00 UTC
[jira] [Updated] (RATIS-1532) Fix RaftProperties security warning
[ https://issues.apache.org/jira/browse/RATIS-1532?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Tsz-wo Sze updated RATIS-1532:
------------------------------
Description:
There is a security alert in RaftProperties:
bq. XML parsers should not be vulnerable to XXE attacks
The code was copied from Hadoop and currently not used in Ratis. We should should remove it.
was:
There is a security alert in RaftProperties:
bq. XML parsers should not be vulnerable to XXE attacks
Although the code is not used, we should fix the alert.
> Fix RaftProperties security warning
> -----------------------------------
>
> Key: RATIS-1532
> URL: https://issues.apache.org/jira/browse/RATIS-1532
> Project: Ratis
> Issue Type: Bug
> Components: common
> Reporter: Tsz-wo Sze
> Assignee: Tsz-wo Sze
> Priority: Major
>
> There is a security alert in RaftProperties:
> bq. XML parsers should not be vulnerable to XXE attacks
> The code was copied from Hadoop and currently not used in Ratis. We should should remove it.
--
This message was sent by Atlassian Jira
(v8.20.1#820001)