David Handermann created NIFI-9271:
--------------------------------------
Summary: Upgrade Quartz to 2.3.2
Key: NIFI-9271
URL: https://issues.apache.org/jira/browse/NIFI-9271
Project: Apache NiFi
Issue Type: Improvement
Components: MiNiFi
Reporter: David Handermann
Assignee: David Handermann
Quartz Scheduler versions below 2.3.0 have a potential XML External Entity
vulnerability [CVE-2019-13990|https://nvd.nist.gov/vuln/detail/CVE-2019-13990].
Although it does not include external loading of XML job description files,
MiNiFi currently references version 2.2.1.
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
