You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@tez.apache.org by "Thejas M Nair (JIRA)" <ji...@apache.org> on 2019/05/28 20:50:00 UTC
[jira] [Updated] (TEZ-4072) find and remove insecure URLs in Tez
[ https://issues.apache.org/jira/browse/TEZ-4072?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Thejas M Nair updated TEZ-4072:
-------------------------------
Description: (was: {quote}We request that you review any build scripts and configurations for
insecure urls where appropriate to your projects, fix them asap, and
report back if you had to change anything to [security@apache.org|mailto:security@apache.org] by
the 31st May 2019.
The most common finding was HTTP references to repos like [maven.org|http://maven.org/] in
build files (Gradle, Maven, SBT, or other tools). Here is an example
showing repositories being used with http urls that should be changed
to https:
[https://github.com/apache/flink/blob/d1542e9561c6235feb902c9c6d781ba416b8f784/pom.xml#L1017-L1038]
Note that searching for http:// might not be enough, look for http\://
too due to escaping.{quote})
> find and remove insecure URLs in Tez
> ------------------------------------
>
> Key: TEZ-4072
> URL: https://issues.apache.org/jira/browse/TEZ-4072
> Project: Apache Tez
> Issue Type: Bug
> Affects Versions: 0.9.2
> Reporter: Sam An
> Priority: Major
>
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)