You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@oozie.apache.org by "Janos Makai (Jira)" <ji...@apache.org> on 2022/12/15 16:05:00 UTC
[jira] [Created] (OOZIE-3689) Remove usage of commons-httpclient due to EOL and CVEs (CVE-2012-5783)
Janos Makai created OOZIE-3689:
----------------------------------
Summary: Remove usage of commons-httpclient due to EOL and CVEs (CVE-2012-5783)
Key: OOZIE-3689
URL: https://issues.apache.org/jira/browse/OOZIE-3689
Project: Oozie
Issue Type: Improvement
Affects Versions: 5.2.1
Reporter: Janos Makai
Assignee: Janos Makai
Currently usages of `commons-httpclient` can be found `TestHAShareLibService`'s unit test, however, `commons-httpclient` is in EOL state and has CVE issue (CVE-2012-5783).
Oozie at this moment does not pull it in directly, but used from a transitive dependency.
The goal of this ticket is to modify the test inside `TestHAShareLibService` not to use `commons-httpclient`.
--
This message was sent by Atlassian Jira
(v8.20.10#820010)