You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@hbase.apache.org by "Mate Szalay-Beko (Jira)" <ji...@apache.org> on 2020/11/10 07:26:00 UTC

[jira] [Created] (HBASE-25261) Upgrade Bootstrap to 3.4.1

Mate Szalay-Beko created HBASE-25261:
----------------------------------------

             Summary: Upgrade Bootstrap to 3.4.1
                 Key: HBASE-25261
                 URL: https://issues.apache.org/jira/browse/HBASE-25261
             Project: HBase
          Issue Type: Improvement
          Components: security, UI
            Reporter: Mate Szalay-Beko
            Assignee: Mate Szalay-Beko


HBase UI is currently using in bootstrap 3.3.7. This version is vulnerable to 4 medium CVEs (CVE-2018-14040, CVE-2018-14041, CVE-2018-14042, and CVE-2019-8331). Details on all the bootstrap versions and vulnerabilities is here: https://snyk.io/vuln/npm:bootstrap

Upgrading to bootstrap 4 would be nice, but potentially more work to do. We should upgrade to the latest bootstrap 3, which is 3.4.1 currently.



--
This message was sent by Atlassian Jira
(v8.3.4#803005)