[
https://issues.apache.org/jira/browse/NIFI-9340?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Mike Thomsen resolved NIFI-9340.
--------------------------------
Resolution: Won't Do
[~Dallas] as a rule of thumb, we don't backport changes to old releases,
especially ones as far away from the current release as 1.10 is from 1.15.X.
Best thing I can recommend is to plan an upgrade.
> [Backport to 1.10.0] Upgrade AngularJS and JQuery
> -------------------------------------------------
>
> Key: NIFI-9340
> URL: https://issues.apache.org/jira/browse/NIFI-9340
> Project: Apache NiFi
> Issue Type: Bug
> Affects Versions: 1.10.0
> Reporter: James Dallas
> Priority: Major
>
> This is to address a security vulnerability with *CWE ID* *829 – Inclusion of
> Functionality from Untrusted Control Sphere*. The identified library jQuery,
> version 3.4.1 is vulnerable.
> AngularJS detected in 1.10.0 is v.1.7.2. This was addressed for 1.14.0 in
> NIFI-8756, but requesting for this fix to be backported to 1.10.0 as well.
--
This message was sent by Atlassian Jira
(v8.20.1#820001)
