[jira] [Updated] (FLINK-23438) Bump httpclient from 4.5.3 and 4.5.9 to 4.5.13

Chesnay Schepler (Jira) Mon, 26 Jul 2021 23:59:07 -0700


     [ 
https://issues.apache.org/jira/browse/FLINK-23438?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]


Chesnay Schepler updated FLINK-23438:
-------------------------------------
    Component/s: FileSystems
                 Connectors / Kinesis
                 Connectors / ElasticSearch

> Bump httpclient from 4.5.3 and 4.5.9 to 4.5.13
> ----------------------------------------------
>
>                 Key: FLINK-23438
>                 URL: https://issues.apache.org/jira/browse/FLINK-23438
>             Project: Flink
>          Issue Type: Improvement
>          Components: Connectors / ElasticSearch, Connectors / Kinesis, 
> FileSystems
>            Reporter: Martijn Visser
>            Assignee: Martijn Visser
>            Priority: Minor
>              Labels: pull-request-available
>             Fix For: 1.14.0
>
>
> Flink is still using org.apache.httpcomponents.httpclient:4.5.3 and 
> org.apache.httpcomponents.httpclient:4.5.9. Those versions are impacted by 
> CVE-2020-13956 (though Flink is not impacted by it). The latest available 
> version is 4.5.13



--
This message was sent by Atlassian Jira
(v8.3.4#803005)

[jira] [Updated] (FLINK-23438) Bump httpclient from 4.5.3 and 4.5.9 to 4.5.13

Reply via email to