You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@ranger.apache.org by "Michael Smith (Jira)" <ji...@apache.org> on 2022/06/20 17:40:00 UTC
[jira] [Created] (RANGER-3799) Move off jersey 1.0
Michael Smith created RANGER-3799:
-------------------------------------
Summary: Move off jersey 1.0
Key: RANGER-3799
URL: https://issues.apache.org/jira/browse/RANGER-3799
Project: Ranger
Issue Type: Improvement
Components: admin, intg, kms, plugins, Ranger
Reporter: Michael Smith
Jersey 1.19 is ancient, and if you need Atom feed parsing you're stuck with rome 0.9 and jdom 1.0 (which are going to flag an XXE CVE on jdom, though rome is not technically vulnerable to it because it uses {{setExpandEntities(false)}}).
Move to Jersey 2.x consistent with other uses of Jersey in Ranger.
--
This message was sent by Atlassian Jira
(v8.20.7#820007)