[
https://issues.apache.org/jira/browse/UNOMI-851?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Francois Gerthoffert updated UNOMI-851:
---------------------------------------
Description:
In Unomi we're using the high level rest client in version 7.4.2
The goal of this ticket is to update it towards its latest version: 7.17.0
Note that this version maintains the same license (Apache 2):
https://www.elastic.co/guide/en/elasticsearch/client/java-rest/7.17/_license.html
{code:java}
Copyright 2013-2019 Elasticsearch
Licensed under the Apache License, Version 2.0 (the "License"); you may not use
this file except in compliance with the License. You may obtain a copy of the
License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software distributed
under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR
CONDITIONS OF ANY KIND, either express or implied. See the License for the
specific language governing permissions and limitations under the License.
{code}
This upgrade aims to address vulnerabilities in transitive dependencies (namely
CVE-2020-28491 in jackson-dataformat which was addressed in v7.15.0 of the
client).
was:
In Unomi we're using the high level rest client in version 7.4.2
The goal of this ticket is to update it towards its latest version: 7.17.0
Note that this version maintains the same license (Apache 2):
https://www.elastic.co/guide/en/elasticsearch/client/java-rest/7.17/_license.html
{code:java}
Copyright 2013-2019 Elasticsearch
Licensed under the Apache License, Version 2.0 (the "License"); you may not use
this file except in compliance with the License. You may obtain a copy of the
License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software distributed
under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR
CONDITIONS OF ANY KIND, either express or implied. See the License for the
specific language governing permissions and limitations under the License.
{code}
This upgrade aims to address vulnerabilities in transitive dependencies (namely
CVE-2020-28491 in jackson-dataformat).
> Upgrade Elasticsearch High level REST client to 7.17.0
> ------------------------------------------------------
>
> Key: UNOMI-851
> URL: https://issues.apache.org/jira/browse/UNOMI-851
> Project: Apache Unomi
> Issue Type: Task
> Reporter: Francois Gerthoffert
> Priority: Major
> Fix For: unomi-2.6.0
>
>
> In Unomi we're using the high level rest client in version 7.4.2
> The goal of this ticket is to update it towards its latest version: 7.17.0
> Note that this version maintains the same license (Apache 2):
> https://www.elastic.co/guide/en/elasticsearch/client/java-rest/7.17/_license.html
> {code:java}
> Copyright 2013-2019 Elasticsearch
> Licensed under the Apache License, Version 2.0 (the "License"); you may not
> use this file except in compliance with the License. You may obtain a copy of
> the License at
> http://www.apache.org/licenses/LICENSE-2.0
> Unless required by applicable law or agreed to in writing, software
> distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
> WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
> License for the specific language governing permissions and limitations under
> the License.
> {code}
> This upgrade aims to address vulnerabilities in transitive dependencies
> (namely CVE-2020-28491 in jackson-dataformat which was addressed in v7.15.0
> of the client).
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
