[jira] [Resolved] (NIFI-12327) NiFi 1.x line, Upgrade activemq-client to compatible version

Paul Grey (Jira) Mon, 06 Nov 2023 17:07:58 -0800


     [ 
https://issues.apache.org/jira/browse/NIFI-12327?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]


Paul Grey resolved NIFI-12327.
------------------------------
    Resolution: Duplicate

> NiFi 1.x line, Upgrade activemq-client to compatible version
> ------------------------------------------------------------
>
>                 Key: NIFI-12327
>                 URL: https://issues.apache.org/jira/browse/NIFI-12327
>             Project: Apache NiFi
>          Issue Type: Improvement
>            Reporter: Paul Grey
>            Assignee: Paul Grey
>            Priority: Minor
>
> Vulnerability scanners might be expected to start flagging NiFi 1.x for its 
> usage of ActiveMQ 5.15.15, due to association with CVE-2023-46604.
> The NiFi processor usage is not expected to be vulnerable, as the usage is 
> client-only.  Even so, as the ActiveMQ 5.15 line was updated [1], it might 
> make sense to do the point version update, in order to mitigate any perceived 
> risk.
> [1] 
> https://repo.maven.apache.org/maven2/org/apache/activemq/activemq-client/5.15.16/



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

[jira] [Resolved] (NIFI-12327) NiFi 1.x line, Upgrade activemq-client to compatible version

Reply via email to