You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@nifi.apache.org by "Joe Witt (Jira)" <ji...@apache.org> on 2023/06/05 16:14:00 UTC
[jira] [Commented] (NIFI-11640) Update download-maven-plugin to 1.7.0
[ https://issues.apache.org/jira/browse/NIFI-11640?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17729368#comment-17729368 ]
Joe Witt commented on NIFI-11640:
---------------------------------
Fix versions can be applied once there is a reviewer that looks into this and is merging. Thanks
> Update download-maven-plugin to 1.7.0
> -------------------------------------
>
> Key: NIFI-11640
> URL: https://issues.apache.org/jira/browse/NIFI-11640
> Project: Apache NiFi
> Issue Type: Improvement
> Reporter: Siddharth R
> Assignee: Siddharth R
> Priority: Minor
> Labels: dependency-upgrade
> Time Spent: 0.5h
> Remaining Estimate: 0h
>
> Bump download-maven-plugin to 1.7.0 to remediate multiple CVEs:
> [https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29425]
> [https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13956]
> [https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1002200]
>
>
--
This message was sent by Atlassian Jira
(v8.20.10#820010)