[jira] [Commented] (AVRO-2228) Bump Apache Velocity to 2.0

ASF subversion and git services (JIRA) Thu, 08 Nov 2018 13:18:10 -0800


    [ 
https://issues.apache.org/jira/browse/AVRO-2228?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16679940#comment-16679940
 ]


ASF subversion and git services commented on AVRO-2228:
-------------------------------------------------------

Commit c4386ad21f16b4fdd761eeb5ac4332f6221aac3f in avro's branch 
refs/heads/master from [~Fokko]
[ https://gitbox.apache.org/repos/asf?p=avro.git;h=c4386ad ]

[AVRO-2228] Bump Apache Velocity to 2.0

- Remove Slf4jLogChute since 2.0 uses SLF4J itself
- Update $velocityHasNext to $foreach.hasNext because of deprecation
- Update $velocityCount to $foreach.count because of deprecation
- 2.0 does not depend on apache-common collections anymore which
  used to be an old version with security issues


> Bump Apache Velocity to 2.0
> ---------------------------
>
>                 Key: AVRO-2228
>                 URL: https://issues.apache.org/jira/browse/AVRO-2228
>             Project: Apache Avro
>          Issue Type: Improvement
>          Components: java
>    Affects Versions: 1.8.2
>            Reporter: Fokko Driesprong
>            Priority: Major
>
> Apache Velocity 1.7 contains CVE's: CVE-2015-6420, CVE-2017-15708



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

[jira] [Commented] (AVRO-2228) Bump Apache Velocity to 2.0

Reply via email to