You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@flink.apache.org by "Robert Metzger (Jira)" <ji...@apache.org> on 2020/10/26 15:19:00 UTC
[jira] [Commented] (FLINK-19785) Upgrade commons-io to 2.7 or newer
[ https://issues.apache.org/jira/browse/FLINK-19785?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17220768#comment-17220768 ]
Robert Metzger commented on FLINK-19785:
----------------------------------------
Resolved in https://github.com/apache/flink/commit/2771273ac38dcbc1c2faaa06f41603be0453cace
> Upgrade commons-io to 2.7 or newer
> ----------------------------------
>
> Key: FLINK-19785
> URL: https://issues.apache.org/jira/browse/FLINK-19785
> Project: Flink
> Issue Type: Task
> Components: Runtime / Coordination
> Affects Versions: 1.12.0, 1.11.2
> Reporter: Till Rohrmann
> Assignee: Robert Metzger
> Priority: Critical
> Labels: pull-request-available
> Fix For: 1.12.0, 1.11.3
>
>
> A user reported a dependency vulnerability which affects {{commons-io}} [1]. We should try to upgrade this dependency to {{2.7}} or newer.
> [1] https://lists.apache.org/thread.html/r0dd7ff197b2e3bdd80a0326587ca3d0c22e10d1dba17c769d6da7d7a%40%3Cuser.flink.apache.org%3E
--
This message was sent by Atlassian Jira
(v8.3.4#803005)