[
https://issues.apache.org/jira/browse/RANGER-839?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15310993#comment-15310993
]
rangerqa commented on RANGER-839:
---------------------------------
{color:red}-1 overall{color}. Here are the results of testing the latest
attachment
http://issues.apache.org/jira/secure/attachment/12805675/0001-RANGER-839-Changed-to-httpclient-version-to-4.3.6-as.patch
against master revision 220c132.
{color:red}-1 patch{color}. The patch command could not apply the patch.
Console output:
https://builds.apache.org/job/PreCommit-RANGER-Build/237//console
This message is automatically generated.
> Update httpcomponent dependencies
> ---------------------------------
>
> Key: RANGER-839
> URL: https://issues.apache.org/jira/browse/RANGER-839
> Project: Ranger
> Issue Type: Improvement
> Reporter: Colm O hEigeartaigh
> Assignee: Sailaja Polavarapu
> Priority: Minor
> Fix For: 0.6.0
>
> Attachments:
> 0001-RANGER-839-Changed-to-httpclient-version-to-4.3.6-as.patch,
> 0001-RANGER-839-Update-httpcomponent-dependencies.patch
>
>
> The httpcomponent dependencies in Ranger should be updated due to a number of
> CVE advisories:
> https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-3577
> https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-5262
> The patch contains the following dependency updates:
> httpcomponents.httpclient.version: 4.2.5 ==> 4.5.1
> httpcomponents.httpcore.version: 4.2.5 ==> 4.4.3
> httpcomponents.httpmime.version: 4.2.5 ==> 4.5.1
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
