You are viewing a plain text version of this content. The canonical link for it is here.

Posted to commits@pulsar.apache.org by GitBox <gi...@apache.org> on 2020/08/31 01:49:30 UTC

[GitHub] [pulsar] wolfstudy commented on issue #7931: CVE-2018-12540 pulsar use of io.vertx-web.jar vertx 3.4.1

wolfstudy commented on issue #7931:
URL: https://github.com/apache/pulsar/issues/7931#issuecomment-683510088


   > @wolfstudy Could you please help take a look at this issue?
   
   Sure,  As @klwilson227 said, this security vulnerability was not directly introduced by the pulsar. This is because pulsar relies on BookKeeper, and the vertx 3.4.1 version is introduced in BookKeeper, which causes this problem. So we need to go to bookkeeper's repo to fix this problem.


----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
users@infra.apache.org