[
https://issues.apache.org/jira/browse/NIFI-11543?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17722095#comment-17722095
]
Jeyassri Balachandran edited comment on NIFI-11543 at 5/12/23 9:41 AM:
-----------------------------------------------------------------------
In nifi-commons/nifi-hashicorp-vault/pom.xml,
This is the upgrade that can be done for NiFi-1.19.x
<artifactId>nifi-hashicorp-vault</artifactId>
<properties>
<spring.vault.version>2.3.3</spring.vault.version>
</properties>
May I raise a PR to [https://github.com/apache/nifi/tree/support/nifi-1.19]
support/nifi-1.19 branch?
was (Author: shreeju):
In nifi-commons/nifi-hashicorp-vault/pom.xml,
This is the upgrade that can be done for NiFi-1.19.x
<artifactId>nifi-hashicorp-vault</artifactId>
<properties>
<spring.vault.version>2.3.3</spring.vault.version>
</properties>
> Upgrade Spring Vault version from 2.3.2 to 2.3.3
> ------------------------------------------------
>
> Key: NIFI-11543
> URL: https://issues.apache.org/jira/browse/NIFI-11543
> Project: Apache NiFi
> Issue Type: Improvement
> Components: Extensions
> Affects Versions: 1.19.0, 1.19.1
> Reporter: Jeyassri Balachandran
> Priority: Minor
> Labels: dependency-upgrade
>
> In nifi-commons/nifi-hashicorp-vault/pom.xml, under nifi-hashicorp-vault,
> Spring.vault.version should be upgraded from 2.3.2 to 2.3.3.
> This will help fix Medium security vulnerability CVE-2023-20863.
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
