You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@nifi.apache.org by "ASF subversion and git services (Jira)" <ji...@apache.org> on 2023/06/05 16:34:00 UTC
[jira] [Commented] (NIFI-11640) Update download-maven-plugin to 1.6.8 for Registry
[ https://issues.apache.org/jira/browse/NIFI-11640?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17729376#comment-17729376 ]
ASF subversion and git services commented on NIFI-11640:
--------------------------------------------------------
Commit 0cd511f1aa1074e002fad8cccce96f8ca25971db in nifi's branch refs/heads/main from siddr
[ https://gitbox.apache.org/repos/asf?p=nifi.git;h=0cd511f1aa ]
NIFI-11640 Upgraded download-maven-plugin from 1.2.1 to 1.6.8
This closes #7337
Signed-off-by: David Handermann <ex...@apache.org>
> Update download-maven-plugin to 1.6.8 for Registry
> --------------------------------------------------
>
> Key: NIFI-11640
> URL: https://issues.apache.org/jira/browse/NIFI-11640
> Project: Apache NiFi
> Issue Type: Improvement
> Components: NiFi Registry, Tools and Build
> Reporter: Siddharth R
> Assignee: Siddharth R
> Priority: Minor
> Labels: dependency-upgrade
> Fix For: 1.latest, 2.latest
>
> Time Spent: 50m
> Remaining Estimate: 0h
>
> Bump download-maven-plugin to 1.7.0 to remediate multiple CVEs:
> [https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29425]
> [https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13956]
> [https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1002200]
>
>
--
This message was sent by Atlassian Jira
(v8.20.10#820010)