bolkedebruin opened a new pull request #9649: Document possible vulnerabilities for the druid-ranger-security URL: https://github.com/apache/druid/pull/9649 In certain configurations the ranger plugin can expose vulnerabilities due to some of its dependencies having CVEs. @ccaominh @himanshug I have chosen to document rather than exclude. For log4j it seems not to be a full drop in replacement. In both it will only manifest itself in certain configurations which are non default.
---------------------------------------------------------------- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: [email protected] With regards, Apache Git Services --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
