Rajeshbabu Chintaguntla created HBASE-27586: -----------------------------------------------
Summary: Bump up commons-codec to 1.15 Key: HBASE-27586 URL: https://issues.apache.org/jira/browse/HBASE-27586 Project: HBase Issue Type: Bug Reporter: Rajeshbabu Chintaguntla Assignee: Rajeshbabu Chintaguntla Fix For: 2.6.0, 3.0.0-alpha-4, 2.5.3 commons-codec 1.15 has proper fix of few CVEs which may not effect in HBase but better to upgrade to ensure compliance. Ex: ** While [a fix|https://github.com/apache/commons-codec/commit/48b615756d1d770091ea3322eefc08011ee8b113] was earlier made to {{commons-codec:commons-codec}} version 1.13, it was later found out to be incomplete. A [complete fix|https://github.com/apache/commons-codec/pull/29] exists in version 1.14 and that is the version users should upgrade to. -- This message was sent by Atlassian Jira (v8.20.10#820010)