You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@ranger.apache.org by "Dhaval Shah (Jira)" <ji...@apache.org> on 2021/12/09 13:28:00 UTC

[jira] [Comment Edited] (RANGER-3521) Ranger KMS IS NOT ENFORCING HSTS ON SSL PORT DEFINED BY RFC 6797

    [ https://issues.apache.org/jira/browse/RANGER-3521?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17456440#comment-17456440 ] 

Dhaval Shah edited comment on RANGER-3521 at 12/9/21, 1:27 PM:
---------------------------------------------------------------

Commited in Apache Master branch : https://github.com/apache/ranger/commit/a3d798253605b5cb51cbce03489a9e36c3b338b8

and

ranger-2.3 branch :
https://github.com/apache/ranger/commit/183b5c2b9c5bea22d81a2142ef9fa6759dff6ead


was (Author: dhavalshah9131):
Commited in Apache Master branch : https://github.com/apache/ranger/commit/a3d798253605b5cb51cbce03489a9e36c3b338b8

> Ranger KMS IS NOT ENFORCING HSTS ON SSL PORT DEFINED BY RFC 6797
> ----------------------------------------------------------------
>
>                 Key: RANGER-3521
>                 URL: https://issues.apache.org/jira/browse/RANGER-3521
>             Project: Ranger
>          Issue Type: Improvement
>          Components: Ranger
>            Reporter: Dhaval Shah
>            Assignee: Dhaval Shah
>            Priority: Major
>
> We found the vulnerability related to ranger KMS on SSL port.
> Ranger KMS is not enforcing HSTS on SSL port defined by RFC 6797.



--
This message was sent by Atlassian Jira
(v8.20.1#820001)