[ https://issues.apache.org/jira/browse/SAMZA-1582?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Xinyu Liu updated SAMZA-1582: ----------------------------- Fix Version/s: (was: 0.15.0) 0.14.1 > Updated yajl-ruby ~> 1.3.1 > -------------------------- > > Key: SAMZA-1582 > URL: https://issues.apache.org/jira/browse/SAMZA-1582 > Project: Samza > Issue Type: Bug > Affects Versions: 0.14.0 > Reporter: Yi Pan (Data Infrastructure) > Assignee: Cameron Lee > Priority: Major > Labels: newbie > Fix For: 0.14.1 > > > Copying the reminder from Apache Security team: > {quote} > |[!https://ci6.googleusercontent.com/proxy/EPW6ev-q8tmAUr6BNj_tttuAA90oWAHChoH_Vj9NMJtxdUTJS3G0wD5dwx3gYEr-EdQax5AN8BWWKz3s9b7P21gmR0_cbgRrH5eS0l3s5cEnZ2hU7A1FjlYO0iVY=s0-d-e1-ft#https://assets-cdn.github.com/images/modules/logos_page/GitHub-Logo.png|width=76,height=21!|http://sgmail.githubmail.com/wf/click?upn=lYxq-2FYU7yocrdKNILYalBlaoUQ7ZnNSfaod-2BRPoWgKQ-3D_w6S5n3vrKqGS7A36Z0jQnv0H94jgQYM8GX7TqkbHsZK1ErOva5Na6qlATsuWtQPwyL-2BgFZqBUzUsWx7UjU-2ByloXoE45K4MTwc3UQpj7Do8o-2Bgp2LaH0Krty84jVQ-2FWYR7q2q0TBMggNDDSB-2FFjglpvPnlOM8AvydCX8notgsa-2F-2BmbsQO5YlxSaONErs-2B8P0xjVY2R41JzVOtIZYxIJepNUy6NMx9u9iAPRFesHcOKZPOXxAk1y-2Fx1Hsgk1HhYD8l]|[Sign > > in|http://sgmail.githubmail.com/wf/click?upn=lYxq-2FYU7yocrdKNILYalBluE-2FGrtUQ7WwbM8S6nEaj0-3D_w6S5n3vrKqGS7A36Z0jQnv0H94jgQYM8GX7TqkbHsZK1ErOva5Na6qlATsuWtQPwMO11USkMs2Nd5r4Ix-2FHYfXNQjgmqg1EbY9tQsyoz2JLJdW8S8nTZlZTdFbnH0Ur97NOzVo6evmuvAkn8pHRV-2BJMt1KKR3YODTRNyrDbpQwkooRJceI5cZr2K8cfZ9GNy8L2JPBt4g2kZ02GA9pF-2B66huuyTuLlLIStNJBRQIG25hHv-2Bj5LAZNdnsFjJ3g4lj]| > *gstein,* > We found a potential security vulnerability in a repository which you have > been granted security alert access. > |!https://ci4.googleusercontent.com/proxy/LhcZ7iaFoInSfQy1r_J1HOWPMTtxYnupwChIFTSA_wTfxDY3HgcGigfxusXNNAZ63YSBgrW9Ng_0lnJNyuw-HZe8OlzcTvPaKX4OXHI=s0-d-e1-ft#https://avatars3.githubusercontent.com/u/47359?s=56&v=4|width=28,height=28!|[apache/samza|http://sgmail.githubmail.com/wf/click?upn=lYxq-2FYU7yocrdKNILYalBg5kFs28ucWJkBdd8Thfp22VOcIU2JGnKVKb5Fnub4nz_w6S5n3vrKqGS7A36Z0jQnv0H94jgQYM8GX7TqkbHsZK1ErOva5Na6qlATsuWtQPwl5RlD8HZFUFIrQ9cnevxO1U6dX8GrjaH2kYzFqslYCPy7XEINWscVDIgVOZvqIpxZeiVxxOjtywfm3ubPBZDB7318WUZiBlKXHJuxw-2Fvle-2BwoGTfrGIev80Kem2aWE9mNWl5kTkZaqX-2FkXXzn3wrhQKrm-2FoORz-2FtHHZ6pcFhjDb3MbZdK405kETqXkOBJt-2FJ]| > | > |Known *high severity* security vulnerability detected in {{yajl-ruby < > 1.3.1}}defined in > [{{Gemfile.lock}}|http://sgmail.githubmail.com/wf/click?upn=lYxq-2FYU7yocrdKNILYalBg5kFs28ucWJkBdd8Thfp20CLx4rL8gmvf0Uz90XzPOYtIwluVtRPDl-2ByN6cdJzOmwD92A7AoFaibciZLzwy-2Fp0-3D_w6S5n3vrKqGS7A36Z0jQnv0H94jgQYM8GX7TqkbHsZK1ErOva5Na6qlATsuWtQPwVL3nig834bS5SDALQcYPmCbl9zTfYJEfVLi-2BUjJcdL1pPlt-2F4TN4XeoGOCKg9KuQsBPSc5Dmvl-2BaH6uo-2B9dM0O1Jgy-2FxQsL0fSmMXH98Lpw-2FRl-2FMRyoh-2F0eSr2afaxX6yvdba5rU4e3uIfO2ZO7rQXijWdMU86vqaFBuC-2BREUdV4-2B7X6hnReVbzayDYw9e-2BR].| > |[{{Gemfile.lock}}|http://sgmail.githubmail.com/wf/click?upn=lYxq-2FYU7yocrdKNILYalBg5kFs28ucWJkBdd8Thfp20CLx4rL8gmvf0Uz90XzPOYtIwluVtRPDl-2ByN6cdJzOmwD92A7AoFaibciZLzwy-2Fp0-3D_w6S5n3vrKqGS7A36Z0jQnv0H94jgQYM8GX7TqkbHsZK1ErOva5Na6qlATsuWtQPw0BKgToZnfy3QqFOswloKlZFaLISaiKlD-2FbgDDWyof4dG-2BNVcey4o7mle9nCry2CbymZ9TGKs9xi-2BsyrhWmiXHo93-2BgqMaZPILbmVW8u0hzM40Y-2F2-2BxoAuYvOuSpdzv8LRq4BODzon4jl6r4TRCVdsMU3ymtm1D5O1Kcg7e4N86vh6Jnvgd95zUnD88i-2BUqi8] > update suggested: {{yajl-ruby ~> 1.3.1}}.| > |Always verify the validity and compatibility of suggestions with your > codebase.| > | > | > | | > | > | > |[Review vulnerable > dependency|http://sgmail.githubmail.com/wf/click?upn=lYxq-2FYU7yocrdKNILYalBg5kFs28ucWJkBdd8Thfp20PachVWCAx1liEncpX-2Fkm-2BFEgZpf7mA0kjAbIpEISwdA-3D-3D_w6S5n3vrKqGS7A36Z0jQnv0H94jgQYM8GX7TqkbHsZK1ErOva5Na6qlATsuWtQPwqAlCZLaP7AljNKOplAHNKNFOFLSZU20qXnOPdkvkdjXfxZDQzq2gwIoVtCPYmUBGKaJ-2BayEdYmVnApX63Os5QOGJmWnYRfyjO5O1VS9YU2vr4x6A484mdgh5JOnOGLsLwbSfXF5LEHh9LWv-2F1tbvjhwsnYT1CN8fHCocyQbBnkY-2FS7C02Ysv3I-2BzUGphAMt6]| > | > ---- > Only users who have been assigned access to security alerts will receive > these notifications. > [Unsubscribe > |http://sgmail.githubmail.com/wf/click?upn=lYxq-2FYU7yocrdKNILYalBh4tM-2BvbnAt1ZCBIm0TQChRsti2oUDbPtOO7snnCj3QEGX6yeM-2BotKJuzzN-2BTOzWlRGx5ecVE50MPgCYmEJX-2FYfpp6gpUMu8msrdYpKBXErBn3eHTtQ637TkKMZkXEd04g-3D-3D_w6S5n3vrKqGS7A36Z0jQnv0H94jgQYM8GX7TqkbHsZK1ErOva5Na6qlATsuWtQPw7JLm8guvZJ3fPlMEbIPne0EI38kXFbTOBP-2BzEq9s4Ddf1-2BdAkhInLjC1l3UiklX3zjY5sFeXwiU8KyfW6lcn9lDbigAF-2FChEOEFQWNmED15ob7P8SqKQhivGzptYvp1OWT9H1UiQAZGTUKwRE-2FnqlY-2F94e1mqx4MxQyLBQ1Fxgo4uRw92zyGdiL1aZleEoeA]· > [Email > preferences|http://sgmail.githubmail.com/wf/click?upn=lYxq-2FYU7yocrdKNILYalBlttXBNYv-2BeGM-2FMVHbSBvTrPDvaZJ5yvsxfEVwy5gWOO_w6S5n3vrKqGS7A36Z0jQnv0H94jgQYM8GX7TqkbHsZK1ErOva5Na6qlATsuWtQPw5c0c-2BGLEZYtRx5m9A0yZFsgfJyfDQm481DJxyGwRBEEA5OYZFM5jrQLTjiDsnyEn38-2Bvdi-2FRfiHbjDVEpUlsKcfYl2D71I-2FA5f1pBtFnudCIEXx-2FhMiiQYEePRqj-2BwrrMP8kdXujBm-2BarpoDvuVqS1HS3WOoiKcPepvAE2KBTOldsxJrdeBxcv7Pre4noSqH] > · > [Terms|http://sgmail.githubmail.com/wf/click?upn=H-2FQ3yMxnv4jw-2BxNnSBX80-2FAtA3t7vDbetmbWolVUHkI7aIK5sDG6eHhf6PFf2GZEMdAPO1mXdWyaS9GI2aLnBA-3D-3D_w6S5n3vrKqGS7A36Z0jQnv0H94jgQYM8GX7TqkbHsZK1ErOva5Na6qlATsuWtQPwMzyqaVrKNDh9Gke7myPEA4AuPVf0rm5KNSjSIr7HJ8gh7PY6SMRuzAsSG1Hulz-2FgXEtsykwWyLlAm2I5ifvi4HB1WguEa1PCkc3va2YIPvW11jOAHRrlJ6RWFe52d-2F2bZVnKsjVRU9fGr6cQGDRMpX4i-2FVe9ivQIz-2Bg2t9ZKwTx4ifU4RIM3B3Brg7LCx21T] > · > [Privacy|http://sgmail.githubmail.com/wf/click?upn=H-2FQ3yMxnv4jw-2BxNnSBX80-2FAtA3t7vDbetmbWolVUHkKdSMxJcKXeaeoPn0qQqs-2Fw-2BqmMjx3QOoJQotJaBhy-2FxQ-3D-3D_w6S5n3vrKqGS7A36Z0jQnv0H94jgQYM8GX7TqkbHsZK1ErOva5Na6qlATsuWtQPw6e6bAqCCguZWpPI-2FekdkSi73k4rPpFClep3syKhqgdojCuuBp-2BH5hx-2F1j48-2F3pX2XzjfYz-2FE33msLh-2BSjeCChXZLdfz5NjPkckKUOaSA2qgTohwzHERK1LuDQCEnr5euwAwBfR5D4JmCAO5vtsqUN9RmCDgKFOaAAXWnN8Q380Ola-2FYae179MI-2BEk8XIrEwD] > · [Sign into > GitHub|http://sgmail.githubmail.com/wf/click?upn=lYxq-2FYU7yocrdKNILYalBluE-2FGrtUQ7WwbM8S6nEaj0-3D_w6S5n3vrKqGS7A36Z0jQnv0H94jgQYM8GX7TqkbHsZK1ErOva5Na6qlATsuWtQPwRI2QKC8SEwirCJ2JDhglB2rDqO0qtBZh1Jlu-2B5Cq79uLqmXepKQxkEJXUv5VboNe4DbKDNmOnTOKB-2BtBtwbTUm-2BEPxUoqiLnS8ppK83tRk1zokCExn8V-2FQ-2Bfgd-2FNqjSKMAV2lbdsklb1S0KPRmdR-2B2JKx6rEPF3PHDK1M8g8iNmFdtsfLDrdeqpGRSziy7xW] > GitHub, Inc. > 88 Colin P Kelly Jr St. > [San Francisco, CA > 94107|https://maps.google.com/?q=88+Colin+P+Kelly+Jr+St.%0D+San+Francisco,+CA+94107&entry=gmail&source=g] > \{quote} > > -- This message was sent by Atlassian JIRA (v7.6.3#76005)