You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@pulsar.apache.org by GitBox <gi...@apache.org> on 2020/12/07 10:02:50 UTC

[GitHub] [pulsar-manager] QiAnXinCodeSafe opened a new issue #358: There is a vulnerability in Spring Boot 2.0.2.RELEASE,upgrade recommended

QiAnXinCodeSafe opened a new issue #358:
URL: https://github.com/apache/pulsar-manager/issues/358


   https://github.com/apache/pulsar-manager/blob/d15a0f1e45a3fe9821df51361584dce87e104948/build.gradle#L17
   
   CVE-2020-5421
   
   Recommended upgrade version：
   2.1.17.RELEASE


----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
users@infra.apache.org

[GitHub] [pulsar-manager] tuteng commented on issue #358: There is a vulnerability in Spring Boot 2.0.2.RELEASE,upgrade recommended

Posted by GitBox <gi...@apache.org>.

tuteng commented on issue #358:
URL: https://github.com/apache/pulsar-manager/issues/358#issuecomment-740274783


   Thanks, will upgrade later


----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
users@infra.apache.org

[GitHub] [pulsar-manager] tuteng edited a comment on issue #358: There is a vulnerability in Spring Boot 2.0.2.RELEASE,upgrade recommended

Posted by GitBox <gi...@apache.org>.

tuteng edited a comment on issue #358:
URL: https://github.com/apache/pulsar-manager/issues/358#issuecomment-741641756


   Since zuul relies on a low version of spring boot, we need to do some planning:
   
   1. Consider using a gateway instead of zuul
   2. upgrade spring boot to the new version


----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
users@infra.apache.org

[GitHub] [pulsar-manager] tuteng commented on issue #358: There is a vulnerability in Spring Boot 2.0.2.RELEASE,upgrade recommended

Posted by GitBox <gi...@apache.org>.

tuteng commented on issue #358:
URL: https://github.com/apache/pulsar-manager/issues/358#issuecomment-741641756


   Since zuul relies on a low version of spring, we need to do some planning:
   
   1. Consider using a gateway instead of zuul
   2. upgrade spring boot to the new version


----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
users@infra.apache.org