You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@atlas.apache.org by "Radhika Kundam (Jira)" <ji...@apache.org> on 2021/04/22 22:30:00 UTC
[jira] [Created] (ATLAS-4257) Atlas - Upgrade groovy to 2.4.21+,
2.5.14+, 3.0.7+, or 4.0.0-alpha-2+ due to CVE-2020-17521
Radhika Kundam created ATLAS-4257:
-------------------------------------
Summary: Atlas - Upgrade groovy to 2.4.21+, 2.5.14+, 3.0.7+, or 4.0.0-alpha-2+ due to CVE-2020-17521
Key: ATLAS-4257
URL: https://issues.apache.org/jira/browse/ATLAS-4257
Project: Atlas
Issue Type: Bug
Affects Versions: 2.1.0
Reporter: Radhika Kundam
Assignee: Radhika Kundam
Atlas is pulling in groovy 2.5.7 due to tinkerpop gremlin.
Need to upgrade to groovy 2.5.14+
This comes up in a few paths:
* ./usr/lib/atlas/server/webapp/atlas/WEB-INF/lib/groovy-2.5.7-indy.jar
* ./usr/lib/atlas/server/webapp/atlas/WEB-INF/lib/groovy-xml-2.5.7.jar
--
This message was sent by Atlassian Jira
(v8.3.4#803005)