You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@oozie.apache.org by "Janos Makai (Jira)" <ji...@apache.org> on 2022/12/15 16:05:00 UTC

[jira] [Created] (OOZIE-3689) Remove usage of commons-httpclient due to EOL and CVEs (CVE-2012-5783)

Janos Makai created OOZIE-3689:
----------------------------------

             Summary: Remove usage of commons-httpclient due to EOL and CVEs (CVE-2012-5783)
                 Key: OOZIE-3689
                 URL: https://issues.apache.org/jira/browse/OOZIE-3689
             Project: Oozie
          Issue Type: Improvement
    Affects Versions: 5.2.1
            Reporter: Janos Makai
            Assignee: Janos Makai


Currently usages of `commons-httpclient` can be found `TestHAShareLibService`'s unit test, however, `commons-httpclient` is in EOL state and has CVE issue (CVE-2012-5783).
Oozie at this moment does not pull it in directly, but used from a transitive dependency.
The goal of this ticket is to modify the test inside `TestHAShareLibService` not to use `commons-httpclient`.



--
This message was sent by Atlassian Jira
(v8.20.10#820010)