mr1716 commented on code in PR #6175:
URL: https://github.com/apache/nifi/pull/6175#discussion_r911921267
##########
nifi-nar-bundles/nifi-azure-bundle/pom.xml:
##########
@@ -31,7 +31,7 @@
<azure.identity.version>1.4.5</azure.identity.version>
<!-- azure-identity depends on msal4j transitively, keep these
versions consistent -->
<msal4j.version>1.11.0</msal4j.version>
- <azure-cosmos.version>4.26.0</azure-cosmos.version>
+ <azure-cosmos.version>4.31.0</azure-cosmos.version>
Review Comment:
@exceptionfactory will do. It looks like 4.32.1 is still vulnerable to
[CVE-2020-8908](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8908)
So maybe the best thing to do is hold off on this until they fix that issue?
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
