You are viewing a plain text version of this content. The canonical link for it is here.

Posted to commits@pulsar.apache.org by GitBox <gi...@apache.org> on 2020/08/31 06:00:16 UTC

[GitHub] [pulsar] wolfstudy edited a comment on issue #7928: CVE-2017-18640 exposure snakeyaml below 1.26

wolfstudy edited a comment on issue #7928:
URL: https://github.com/apache/pulsar/issues/7928#issuecomment-683571936


   > @wolfstudy Could you please help take a look at this issue?
   
   @codelipenghui Sure. 
   
   @klwilson227 Good ideas, What needs to be distinguished here is which are direct dependencies and which are indirect dependencies. For the parts directly introduced by pulsar, we can consider using the 1.26 of `snakeyaml` version uniformly.


----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
users@infra.apache.org