You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@kafka.apache.org by Franklin Davis <fr...@gmail.com> on 2020/08/10 17:53:30 UTC

Someone should remove nonexistent versions 2.0.2, 2.1.2 from https://kafka.apache.org/cve-list

https://kafka.apache.org/cve-list APACHE KAFKA SECURITY VULNERABILITIES incorrectly lists fixed versions 2.0.2 and 2.1.2, but those don't exist (e.g. in https://archive.apache.org/dist/kafka/). I'm not qualified to modify anything -- just letting you know in case someone can fix it.

--Franklin

Re: Someone should remove nonexistent versions 2.0.2, 2.1.2 from https://kafka.apache.org/cve-list

Posted by "Matthias J. Sax" <mj...@apache.org>.

Franklin,

thanks for raising this. I opened a PR to update the web-page
accordingly: https://github.com/apache/kafka-site/pull/298


-Matthias


On 8/10/20 10:53 AM, Franklin Davis wrote:
> https://kafka.apache.org/cve-list APACHE KAFKA SECURITY VULNERABILITIES incorrectly lists fixed versions 2.0.2 and 2.1.2, but those don't exist (e.g. in https://archive.apache.org/dist/kafka/). I'm not qualified to modify anything -- just letting you know in case someone can fix it.
> 
> --Franklin
>