You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@nifi.apache.org by "David Handermann (Jira)" <ji...@apache.org> on 2022/08/22 16:23:00 UTC
[jira] [Created] (NIFI-10382) Upgrade Flume to 1.10.1
David Handermann created NIFI-10382:
---------------------------------------
Summary: Upgrade Flume to 1.10.1
Key: NIFI-10382
URL: https://issues.apache.org/jira/browse/NIFI-10382
Project: Apache NiFi
Issue Type: Improvement
Components: Extensions
Reporter: David Handermann
Assignee: David Handermann
Apache Flume JMS Sources in versions prior to 1.10.1 are vulnerable to remote code execution under limited conditions where an attacker controls a remote LDAP server as described in [CVE-2022-34916|https://cve.mitre.org/cgi-bin/cvename.cgi?name=2022-34916]. Dependencies on Apache Flume libraries should be upgraded to 1.10.1.
--
This message was sent by Atlassian Jira
(v8.20.10#820010)