[jira] [Updated] (FLINK-22747) Update commons-io to 2.8

Timo Walther (Jira) Fri, 21 May 2021 08:02:40 -0700


     [ 
https://issues.apache.org/jira/browse/FLINK-22747?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]


Timo Walther updated FLINK-22747:
---------------------------------
    Affects Version/s: 1.12.4

> Update commons-io to 2.8
> ------------------------
>
>                 Key: FLINK-22747
>                 URL: https://issues.apache.org/jira/browse/FLINK-22747
>             Project: Flink
>          Issue Type: Improvement
>          Components: Build System
>    Affects Versions: 1.12.4
>            Reporter: Timo Walther
>            Assignee: Timo Walther
>            Priority: Major
>
> commons-io 2.7 has known vulnerabilities that are detected in Flink by some 
> tools. Even though it is unlikely that we use the mentioned class. We should 
> upgrade it to make the tools happy.
>  
> Context:
> {code}
> VULNDB-239195
> "Vendor Specific News/Changelog Entry
> https://commons.apache.org/proper/commons-io/changes-report.html#a2.8.0
> Vendor Specific Solution URL
> https://github.com/apache/commons-io/commit/0de91c048fb575b9e7906e966a4428574fd03695
> Vendor Specific Solution URL
> https://github.com/apache/commons-io/commit/97ae01c95837f50a2e9be34c370b271c4d8fc88b
> Bug Tracker
> https://issues.apache.org/jira/browse/IO-675";
> {code}



--
This message was sent by Atlassian Jira
(v8.3.4#803005)

[jira] [Updated] (FLINK-22747) Update commons-io to 2.8

Reply via email to