You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@ranger.apache.org by "Michael Smith (Jira)" <ji...@apache.org> on 2022/06/20 17:40:00 UTC

[jira] [Created] (RANGER-3799) Move off jersey 1.0

Michael Smith created RANGER-3799:
-------------------------------------

             Summary: Move off jersey 1.0
                 Key: RANGER-3799
                 URL: https://issues.apache.org/jira/browse/RANGER-3799
             Project: Ranger
          Issue Type: Improvement
          Components: admin, intg, kms, plugins, Ranger
            Reporter: Michael Smith


Jersey 1.19 is ancient, and if you need Atom feed parsing you're stuck with rome 0.9 and jdom 1.0 (which are going to flag an XXE CVE on jdom, though rome is not technically vulnerable to it because it uses {{setExpandEntities(false)}}).

Move to Jersey 2.x consistent with other uses of Jersey in Ranger.



--
This message was sent by Atlassian Jira
(v8.20.7#820007)