You are viewing a plain text version of this content. The canonical link for it is here.

Posted to issues@nifi.apache.org by "David Handermann (Jira)" <ji...@apache.org> on 2023/10/20 17:02:00 UTC

[jira] [Created] (NIFI-12259) Upgrade Santuario XML to 2.3.4

David Handermann created NIFI-12259:
---------------------------------------

             Summary: Upgrade Santuario XML to 2.3.4
                 Key: NIFI-12259
                 URL: https://issues.apache.org/jira/browse/NIFI-12259
             Project: Apache NiFi
          Issue Type: Improvement
          Components: Core Framework
            Reporter: David Handermann
            Assignee: David Handermann
             Fix For: 2.0.0, 1.24.0


Apache Santuario 2.3.4 includes a resolution for CVE-2023-44483, which relates to logging sensitive private key information at the debug level. Spring Security SAML2 has a dependency on Apache Santuario, which should be upgraded.



--
This message was sent by Atlassian Jira
(v8.20.10#820010)