frankvicky commented on PR #3993:
URL: https://github.com/apache/ambari/pull/3993#issuecomment-2813310323

   Hi @JiaLiangC,
   Thanks for the question.
   I think we should redefine the scope of this issue.
   The `spring-web` and `security` modules have CVE issues, but we can resolve 
the `spring-web` issue by upgrading to a minor version.
   We should open another ticket to track the `security` CVE issue, as we were 
unable to resolve it by upgrading to a minor version.
   
   c.c @jojochuang 


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: dev-unsubscr...@ambari.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org


---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@ambari.apache.org
For additional commands, e-mail: dev-h...@ambari.apache.org

Reply via email to