You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@knox.apache.org by "ASF GitHub Bot (Jira)" <ji...@apache.org> on 2022/04/05 11:16:00 UTC

[jira] [Work logged] (KNOX-2717) upgrade shiro due to security issue

     [ https://issues.apache.org/jira/browse/KNOX-2717?focusedWorklogId=752754&page=com.atlassian.jira.plugin.system.issuetabpanels:worklog-tabpanel#worklog-752754 ]

ASF GitHub Bot logged work on KNOX-2717:
----------------------------------------

                Author: ASF GitHub Bot
            Created on: 05/Apr/22 11:15
            Start Date: 05/Apr/22 11:15
    Worklog Time Spent: 10m 
      Work Description: smolnar82 commented on PR #547:
URL: https://github.com/apache/knox/pull/547#issuecomment-1088578838

   My 2 cents:
   - this change contains 2 upgrades in fact:
     - shiro
     - log4j2
     Please make them committed separately.
   - I'd love to see some details on the tests you were executing




Issue Time Tracking
-------------------

    Worklog Id:     (was: 752754)
    Time Spent: 0.5h  (was: 20m)

> upgrade shiro due to security issue
> -----------------------------------
>
>                 Key: KNOX-2717
>                 URL: https://issues.apache.org/jira/browse/KNOX-2717
>             Project: Apache Knox
>          Issue Type: Bug
>            Reporter: PJ Fanning
>            Priority: Major
>          Time Spent: 0.5h
>  Remaining Estimate: 0h
>
> https://github.com/apache/knox/blob/master/pom.xml#L256
> https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41303



--
This message was sent by Atlassian Jira
(v8.20.1#820001)