You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@ranger.apache.org by "Sailaja Polavarapu (JIRA)" <ji...@apache.org> on 2016/05/23 17:06:12 UTC
[jira] [Updated] (RANGER-839) Update httpcomponent dependencies
[ https://issues.apache.org/jira/browse/RANGER-839?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Sailaja Polavarapu updated RANGER-839:
--------------------------------------
Attachment: 0001-RANGER-839-Changed-to-httpclient-version-to-4.3.6-as.patch
> Update httpcomponent dependencies
> ---------------------------------
>
> Key: RANGER-839
> URL: https://issues.apache.org/jira/browse/RANGER-839
> Project: Ranger
> Issue Type: Improvement
> Reporter: Colm O hEigeartaigh
> Assignee: Sailaja Polavarapu
> Priority: Minor
> Fix For: 0.6.0
>
> Attachments: 0001-RANGER-839-Changed-to-httpclient-version-to-4.3.6-as.patch, 0001-RANGER-839-Update-httpcomponent-dependencies.patch
>
>
> The httpcomponent dependencies in Ranger should be updated due to a number of CVE advisories:
> https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-3577
> https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-5262
> The patch contains the following dependency updates:
> httpcomponents.httpclient.version: 4.2.5 ==> 4.5.1
> httpcomponents.httpcore.version: 4.2.5 ==> 4.4.3
> httpcomponents.httpmime.version: 4.2.5 ==> 4.5.1
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)