You are viewing a plain text version of this content. The canonical link for it is here.

Posted to commits@pulsar.apache.org by GitBox <gi...@apache.org> on 2020/10/08 21:14:41 UTC

[GitHub] [pulsar] pkumar-singh opened a new pull request #8221: [WS-2019-0490][buildtool] white source security vulnerability present in jcommander-1.72

pkumar-singh opened a new pull request #8221:
URL: https://github.com/apache/pulsar/pull/8221


   ### Motivation
   jcommander-1.72 has a white source reported security vulnerability WS-2019-0490.
   White source vulnerability description as it is.
   
   > Inclusion of Functionality from Untrusted Control Sphere vulnerability found in jcommander before 1.75. jcommander resolving dependencies over HTTP instead of HTTPS. 
   
   ### Modifications
   Upgrade org.testng to 7.3.0 in buildtools. That way it pulls in jcommander 1.78


----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
users@infra.apache.org

[GitHub] [pulsar] rdhabalia commented on pull request #8221: [buildtool] security vulnerability present in jcommander-1.72

Posted by GitBox <gi...@apache.org>.

rdhabalia commented on pull request #8221:
URL: https://github.com/apache/pulsar/pull/8221#issuecomment-706386641


   /pulsarbot run-failure-checks


----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
users@infra.apache.org

[GitHub] [pulsar] codelipenghui closed pull request #8221: [buildtool] security vulnerability present in jcommander-1.72

Posted by GitBox <gi...@apache.org>.

codelipenghui closed pull request #8221:
URL: https://github.com/apache/pulsar/pull/8221


   


----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
users@infra.apache.org

[GitHub] [pulsar] codelipenghui commented on pull request #8221: [buildtool] security vulnerability present in jcommander-1.72

Posted by GitBox <gi...@apache.org>.

codelipenghui commented on pull request #8221:
URL: https://github.com/apache/pulsar/pull/8221#issuecomment-728708704


   /pulsarbot run-failure-checks


----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
users@infra.apache.org

[GitHub] [pulsar] codelipenghui commented on pull request #8221: [buildtool] security vulnerability present in jcommander-1.72

Posted by GitBox <gi...@apache.org>.

codelipenghui commented on pull request #8221:
URL: https://github.com/apache/pulsar/pull/8221#issuecomment-728653692


   /pulsarbot run-failure-checks


----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
users@infra.apache.org

[GitHub] [pulsar] codelipenghui merged pull request #8221: [buildtool] security vulnerability present in jcommander-1.72

Posted by GitBox <gi...@apache.org>.

codelipenghui merged pull request #8221:
URL: https://github.com/apache/pulsar/pull/8221


   


----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
users@infra.apache.org

[GitHub] [pulsar] sijie commented on pull request #8221: [buildtool] security vulnerability present in jcommander-1.72

Posted by GitBox <gi...@apache.org>.

sijie commented on pull request #8221:
URL: https://github.com/apache/pulsar/pull/8221#issuecomment-713313313


   /pulsarbot run-failure-checks


----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
users@infra.apache.org