[
https://issues.apache.org/jira/browse/NIFI-10270?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Joe Witt updated NIFI-10270:
----------------------------
Resolution: Fixed
Status: Resolved (was: Patch Available)
> Upgrade AWS SDK to 1.2.267
> --------------------------
>
> Key: NIFI-10270
> URL: https://issues.apache.org/jira/browse/NIFI-10270
> Project: Apache NiFi
> Issue Type: Improvement
> Components: Extensions, MiNiFi
> Reporter: David Handermann
> Assignee: David Handermann
> Priority: Minor
> Labels: dependency-upgrade
> Fix For: 1.17.0
>
> Time Spent: 20m
> Remaining Estimate: 0h
>
> Several NiFi extension components depend on version 1 of the AWS SDK for
> various service operations.
> [CVE-2022-31159|https://nvd.nist.gov/vuln/detail/CVE-2022-31159] impacts the
> S3 TransferManager in AWS SDK versions prior to 1.2.260.
> Although NiFi components do not include direct usage of the S3
> TransferManager, library references should be upgraded.
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
