You are viewing a plain text version of this content. The canonical link for it is here.

Posted to issues@nifi.apache.org by "Joe Witt (Jira)" <ji...@apache.org> on 2023/06/05 16:14:00 UTC

[jira] [Commented] (NIFI-11640) Update download-maven-plugin to 1.7.0

    [ https://issues.apache.org/jira/browse/NIFI-11640?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17729368#comment-17729368 ] 

Joe Witt commented on NIFI-11640:
---------------------------------

Fix versions can be applied once there is a reviewer that looks into this and is merging.  Thanks

> Update download-maven-plugin to 1.7.0
> -------------------------------------
>
>                 Key: NIFI-11640
>                 URL: https://issues.apache.org/jira/browse/NIFI-11640
>             Project: Apache NiFi
>          Issue Type: Improvement
>            Reporter: Siddharth R
>            Assignee: Siddharth R
>            Priority: Minor
>              Labels: dependency-upgrade
>          Time Spent: 0.5h
>  Remaining Estimate: 0h
>
> Bump download-maven-plugin to 1.7.0 to remediate multiple CVEs:
> [https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29425]
> [https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13956]
> [https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1002200]
>  
>  



--
This message was sent by Atlassian Jira
(v8.20.10#820010)