[jira] [Commented] (IGNITE-8471) Apache ignite for .NET has security vulnerabilities

Vladimir Ozerov (JIRA) Fri, 11 May 2018 06:38:14 -0700

    [ 
https://issues.apache.org/jira/browse/IGNITE-8471?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16471919#comment-16471919
 ]


Vladimir Ozerov commented on IGNITE-8471:
-----------------------------------------

[~hkrai77], hi. Note that these vulnerabilities do not relate to Apache 
Ignite.NET, but to the whole product. 

> Apache ignite for .NET has security vulnerabilities
> ---------------------------------------------------
>
>                 Key: IGNITE-8471
>                 URL: https://issues.apache.org/jira/browse/IGNITE-8471
>             Project: Ignite
>          Issue Type: Improvement
>          Components: security
>    Affects Versions: 2.4
>            Reporter: Harendra Rai
>            Priority: Major
>             Fix For: 2.5
>
>
> There are two security vulnerabilities in the latest 2.4.0 version.
>  # commons-beanutils-1.8.3.jar.  Here is the vulnerability id CVE-2014-0114 : 
>  [https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0114]
> *Resolution to this issue is*: All Commons BeanUtils users should upgrade to 
> the latest version >= commons-beanutils-1.9.2
>  # commons-codec-1.6.jar: Here is the vulnerability detail 
> https://issues.apache.org/jira/browse/CODEC-96
> *Resolution* *to this issue is:* To upgrade to the latest available Version 
> 1.11



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

[jira] [Commented] (IGNITE-8471) Apache ignite for .NET has security vulnerabilities

Reply via email to