You are viewing a plain text version of this content. The canonical link for it is here.

Posted to issues@nifi.apache.org by "Mike Thomsen (Jira)" <ji...@apache.org> on 2022/03/19 15:13:00 UTC

[jira] [Resolved] (NIFI-9340) [Backport to 1.10.0] Upgrade AngularJS and JQuery

     [ https://issues.apache.org/jira/browse/NIFI-9340?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Mike Thomsen resolved NIFI-9340.
--------------------------------
    Resolution: Won't Do

[~Dallas] as a rule of thumb, we don't backport changes to old releases, especially ones as far away from the current release as 1.10 is from 1.15.X. Best thing I can recommend is to plan an upgrade.

> [Backport to 1.10.0] Upgrade AngularJS and JQuery
> -------------------------------------------------
>
>                 Key: NIFI-9340
>                 URL: https://issues.apache.org/jira/browse/NIFI-9340
>             Project: Apache NiFi
>          Issue Type: Bug
>    Affects Versions: 1.10.0
>            Reporter: James Dallas
>            Priority: Major
>
> This is to address a security vulnerability with *CWE ID* *829 – Inclusion of Functionality from Untrusted Control Sphere*. The identified library jQuery, version 3.4.1 is vulnerable.
> AngularJS detected in 1.10.0 is v.1.7.2. This was addressed for 1.14.0 in NIFI-8756, but requesting for this fix to be backported to 1.10.0 as well. 



--
This message was sent by Atlassian Jira
(v8.20.1#820001)