[ https://issues.apache.org/jira/browse/KYLIN-3301?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16406454#comment-16406454 ]
Shaofeng SHI edited comment on KYLIN-3301 at 3/21/18 1:28 AM: -------------------------------------------------------------- According to the CVE ([https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1796),] need upgrade to 2.6.5 or above, now upgrade it to 2.6.6. was (Author: shaofengshi): There is no newer version for opensaml. Seems that project is not well maintained. > Upgrade opensaml > ---------------- > > Key: KYLIN-3301 > URL: https://issues.apache.org/jira/browse/KYLIN-3301 > Project: Kylin > Issue Type: Improvement > Components: Integration > Affects Versions: v2.2.0, v2.3.0 > Reporter: Shaofeng SHI > Priority: Major > > opensaml 2.6.4 is reported with security issue (CVE-2015-1796), need upgrade. -- This message was sent by Atlassian JIRA (v7.6.3#76005)