You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@tinkerpop.apache.org by "ASF GitHub Bot (Jira)" <ji...@apache.org> on 2020/02/17 14:26:00 UTC
[jira] [Commented] (TINKERPOP-2339) Gremlin.Net: Update
System.Net.WebSockets.Client dependency
[ https://issues.apache.org/jira/browse/TINKERPOP-2339?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17038395#comment-17038395 ]
ASF GitHub Bot commented on TINKERPOP-2339:
-------------------------------------------
jorgebay commented on pull request #1249: TINKERPOP-2339 Bump System.Net.WebSockets.Client dependency
URL: https://github.com/apache/tinkerpop/pull/1249
Bump `System.Net.WebSockets.Client` dependency to `4.3.2` in Gremlin.Net.
https://issues.apache.org/jira/browse/TINKERPOP-2339
VOTE +1
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
> Gremlin.Net: Update System.Net.WebSockets.Client dependency
> -----------------------------------------------------------
>
> Key: TINKERPOP-2339
> URL: https://issues.apache.org/jira/browse/TINKERPOP-2339
> Project: TinkerPop
> Issue Type: Improvement
> Components: dotnet
> Affects Versions: 3.4.5, 3.3.10
> Reporter: Jorge Bay
> Assignee: Jorge Bay
> Priority: Major
> Fix For: 3.3.11, 3.4.6
>
>
> System.Net.WebSockets.Client 4.3.0 has some known vulnerabilities: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0248
> We should update the dependency to 4.3.2+
--
This message was sent by Atlassian Jira
(v8.3.4#803005)