You are viewing a plain text version of this content. The canonical link for it is here.

Posted to issues@nifi.apache.org by "David Handermann (Jira)" <ji...@apache.org> on 2022/10/28 02:33:00 UTC

[jira] [Created] (NIFI-10716) Upgrade Flume to 1.11.0

David Handermann created NIFI-10716:
---------------------------------------

             Summary: Upgrade Flume to 1.11.0
                 Key: NIFI-10716
                 URL: https://issues.apache.org/jira/browse/NIFI-10716
             Project: Apache NiFi
          Issue Type: Improvement
            Reporter: David Handermann
            Assignee: David Handermann


The Flume Processors depend on Flume 1.10.1, which is vulnerable to CVE-2022-42468.

Although trigger the vulnerability requires a Flume configuration that includes the JMS Source with an unsafe provider URL, the dependency should be upgraded to 1.11.0 in order to mitigate potential configuration issues.



--
This message was sent by Atlassian Jira
(v8.20.10#820010)