You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@nifi.apache.org by "David Handermann (Jira)" <ji...@apache.org> on 2023/10/20 17:02:00 UTC
[jira] [Created] (NIFI-12259) Upgrade Santuario XML to 2.3.4
David Handermann created NIFI-12259:
---------------------------------------
Summary: Upgrade Santuario XML to 2.3.4
Key: NIFI-12259
URL: https://issues.apache.org/jira/browse/NIFI-12259
Project: Apache NiFi
Issue Type: Improvement
Components: Core Framework
Reporter: David Handermann
Assignee: David Handermann
Fix For: 2.0.0, 1.24.0
Apache Santuario 2.3.4 includes a resolution for CVE-2023-44483, which relates to logging sensitive private key information at the debug level. Spring Security SAML2 has a dependency on Apache Santuario, which should be upgraded.
--
This message was sent by Atlassian Jira
(v8.20.10#820010)