[jira] [Commented] (ATLAS-3940) Upgrade snakeyaml to a version without CVE-2017-18640

ASF subversion and git services (Jira) Wed, 16 Sep 2020 00:58:47 -0700


    [ 
https://issues.apache.org/jira/browse/ATLAS-3940?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17196760#comment-17196760
 ]


ASF subversion and git services commented on ATLAS-3940:
--------------------------------------------------------

Commit d330da8763242faa955bb665cb74c96c5b34e7a2 in atlas's branch 
refs/heads/branch-2.0 from Rahul Nandi
[ https://gitbox.apache.org/repos/asf?p=atlas.git;h=d330da8 ]

ATLAS-3940 : Upgrade snakeyaml to a version without CVE-2017-18640 (#110)

(cherry picked from commit d555c02ba283312e2d9b014b5d68a17da3661525)


> Upgrade snakeyaml to a version without CVE-2017-18640 
> ------------------------------------------------------
>
>                 Key: ATLAS-3940
>                 URL: https://issues.apache.org/jira/browse/ATLAS-3940
>             Project: Atlas
>          Issue Type: Bug
>            Reporter: Nixon Rodrigues
>            Priority: Major
>          Time Spent: 20m
>  Remaining Estimate: 0h
>
> Maven package cassandra-all has transitive dependency on 
> org.yaml:snakeyaml:1.11 which has 
> CVE-2017-18640:https://nvd.nist.gov/vuln/detail/CVE-2017-18640



--
This message was sent by Atlassian Jira
(v8.3.4#803005)

[jira] [Commented] (ATLAS-3940) Upgrade snakeyaml to a version without CVE-2017-18640

Reply via email to