You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@dolphinscheduler.apache.org by GitBox <gi...@apache.org> on 2021/01/20 05:46:45 UTC
[GitHub] [incubator-dolphinscheduler] QiAnXinCodeSafe opened a new issue #4506: There is a vulnerability in beanutils 1.7.0,upgrade recommended
QiAnXinCodeSafe opened a new issue #4506:
URL: https://github.com/apache/incubator-dolphinscheduler/issues/4506
https://github.com/apache/incubator-dolphinscheduler/blob/17c06ce966fc5c6a6136ee142e4698312fe6532f/pom.xml#L84
CVE-2014-0114 CVE-2019-10086
Recommended upgrade version:1.8.0~beta-1
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [incubator-dolphinscheduler] lgcareer closed issue #4506: There is a vulnerability in beanutils 1.7.0,upgrade recommended
Posted by GitBox <gi...@apache.org>.
lgcareer closed issue #4506:
URL: https://github.com/apache/incubator-dolphinscheduler/issues/4506
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [incubator-dolphinscheduler] c-f-cooper commented on issue #4506: There is a vulnerability in beanutils 1.7.0,upgrade recommended
Posted by GitBox <gi...@apache.org>.
c-f-cooper commented on issue #4506:
URL: https://github.com/apache/incubator-dolphinscheduler/issues/4506#issuecomment-764639990
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [incubator-dolphinscheduler] CalvinKirs commented on issue #4506: There is a vulnerability in beanutils 1.7.0,upgrade recommended
Posted by GitBox <gi...@apache.org>.
CalvinKirs commented on issue #4506:
URL: https://github.com/apache/incubator-dolphinscheduler/issues/4506#issuecomment-763522257
Because the upgrade involves license, you can refer to the following article to modify it: https://dolphinscheduler.apache.org/zh-cn/community/development/DS-License.html
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [incubator-dolphinscheduler] c-f-cooper commented on issue #4506: There is a vulnerability in beanutils 1.7.0,upgrade recommended
Posted by GitBox <gi...@apache.org>.
c-f-cooper commented on issue #4506:
URL: https://github.com/apache/incubator-dolphinscheduler/issues/4506#issuecomment-764648240
https://github.com/apache/incubator-dolphinscheduler/pull/4525
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [incubator-dolphinscheduler] c-f-cooper commented on issue #4506: There is a vulnerability in beanutils 1.7.0,upgrade recommended
Posted by GitBox <gi...@apache.org>.
c-f-cooper commented on issue #4506:
URL: https://github.com/apache/incubator-dolphinscheduler/issues/4506#issuecomment-763529470
please assign to me
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [incubator-dolphinscheduler] c-f-cooper commented on issue #4506: There is a vulnerability in beanutils 1.7.0,upgrade recommended
Posted by GitBox <gi...@apache.org>.
c-f-cooper commented on issue #4506:
URL: https://github.com/apache/incubator-dolphinscheduler/issues/4506#issuecomment-764639990
> CVE-2014-0114
Hi~ ,I find the version of commons-beanutils is 1.8.0-BETA in the Maven Central Repository only.but not found 1.8.0~beta-1
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [incubator-dolphinscheduler] lgcareer closed issue #4506: There is a vulnerability in beanutils 1.7.0,upgrade recommended
Posted by GitBox <gi...@apache.org>.
lgcareer closed issue #4506:
URL: https://github.com/apache/incubator-dolphinscheduler/issues/4506
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
users@infra.apache.org