David Handermann created NIFI-9420:
--------------------------------------
Summary: Upgrade Guava in MiNiFi to 31.0.1
Key: NIFI-9420
URL: https://issues.apache.org/jira/browse/NIFI-9420
Project: Apache NiFi
Issue Type: Improvement
Components: MiNiFi
Affects Versions: 1.15.0
Reporter: David Handermann
Assignee: David Handermann
MiNiFi depends on Guava 26.0 to support caching in the Config Service REST
Resource. Although MiNiFi does not use the feature, Guava versions 30 and below
have a vulnerability associated with temporary directory creation as described
in [CVE-2020-8908|https://nvd.nist.gov/vuln/detail/CVE-2020-8908]. Upgrading
Guava to 31.0.1 addresses the associated vulnerability.
--
This message was sent by Atlassian Jira
(v8.20.1#820001)
