[jira] [Resolved] (RATIS-1532) Fix RaftProperties security warning

Tsz-wo Sze (Jira) Wed, 23 Feb 2022 17:46:07 -0800


     [ 
https://issues.apache.org/jira/browse/RATIS-1532?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]


Tsz-wo Sze resolved RATIS-1532.
-------------------------------
    Fix Version/s: 2.3.0
       Resolution: Fixed

Thanks [~adoroszlai] for reviewing the pull request!

I have merged it.

> Fix RaftProperties security warning
> -----------------------------------
>
>                 Key: RATIS-1532
>                 URL: https://issues.apache.org/jira/browse/RATIS-1532
>             Project: Ratis
>          Issue Type: Bug
>          Components: common
>            Reporter: Tsz-wo Sze
>            Assignee: Tsz-wo Sze
>            Priority: Major
>             Fix For: 2.3.0
>
>          Time Spent: 20m
>  Remaining Estimate: 0h
>
> There is a security alert in RaftProperties.writeXml(Writer):
> bq. XML parsers should not be vulnerable to XXE attacks
> The code was copied from Hadoop but not used in Ratis.  We should simply 
> remove it.



--
This message was sent by Atlassian Jira
(v8.20.1#820001)

[jira] [Resolved] (RATIS-1532) Fix RaftProperties security warning

Reply via email to