You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@atlas.apache.org by "Radhika Kundam (Jira)" <ji...@apache.org> on 2021/04/22 22:30:00 UTC

[jira] [Created] (ATLAS-4257) Atlas - Upgrade groovy to 2.4.21+, 2.5.14+, 3.0.7+, or 4.0.0-alpha-2+ due to CVE-2020-17521

Radhika Kundam created ATLAS-4257:
-------------------------------------

             Summary: Atlas - Upgrade groovy to 2.4.21+, 2.5.14+, 3.0.7+, or 4.0.0-alpha-2+ due to CVE-2020-17521
                 Key: ATLAS-4257
                 URL: https://issues.apache.org/jira/browse/ATLAS-4257
             Project: Atlas
          Issue Type: Bug
    Affects Versions: 2.1.0
            Reporter: Radhika Kundam
            Assignee: Radhika Kundam


Atlas is pulling in groovy 2.5.7 due to tinkerpop gremlin.

Need to upgrade to groovy 2.5.14+

This comes up in a few paths:
 * ./usr/lib/atlas/server/webapp/atlas/WEB-INF/lib/groovy-2.5.7-indy.jar
 * ./usr/lib/atlas/server/webapp/atlas/WEB-INF/lib/groovy-xml-2.5.7.jar



--
This message was sent by Atlassian Jira
(v8.3.4#803005)