[jira] [Updated] (RANGER-4304) Update swagger version in Ranger
[ https://issues.apache.org/jira/browse/RANGER-4304?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Madhan Neethiraj updated RANGER-4304: - Fix Version/s: 3.0.0 2.5.0 > Update swagger version in Ranger > > > Key: RANGER-4304 > URL: https://issues.apache.org/jira/browse/RANGER-4304 > Project: Ranger > Issue Type: Improvement > Components: documentation >Reporter: Arnout Engelen >Assignee: Mugdha Varadkar >Priority: Major > Fix For: 3.0.0, 2.5.0 > > Attachments: 0001-RANGER-4304-ranger-site.patch, > 0001-RANGER-4304.patch, 0002-RANGER-4304.patch > > > The Ranger website embeds a Swagger UI, AFAICS currently version 2.2.10. > Older versions of swagger, such as this one, suffer from a number of security > weaknesses. > > While fortunately [https://ranger.apache.org|https://ranger.apache.org/] does > not have any sensitive cookies or login mechanism or similar, so there isn't > really anything to compromise, it would be good to update to a recent version > of Swagger. Could you look into that? > > It is somewhat unclear to me whether the ranger site is maintained in SVN > ([https://svn.apache.org/viewvc/ranger/site/)] or git > ([https://github.com/apache/ranger-site]) -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Updated] (RANGER-4304) Update swagger version in Ranger
[ https://issues.apache.org/jira/browse/RANGER-4304?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Mugdha Varadkar updated RANGER-4304: Attachment: 0001-RANGER-4304-ranger-site.patch > Update swagger version in Ranger > > > Key: RANGER-4304 > URL: https://issues.apache.org/jira/browse/RANGER-4304 > Project: Ranger > Issue Type: Improvement > Components: documentation >Reporter: Arnout Engelen >Assignee: Mugdha Varadkar >Priority: Major > Attachments: 0001-RANGER-4304-ranger-site.patch, > 0001-RANGER-4304.patch, 0002-RANGER-4304.patch > > > The Ranger website embeds a Swagger UI, AFAICS currently version 2.2.10. > Older versions of swagger, such as this one, suffer from a number of security > weaknesses. > > While fortunately [https://ranger.apache.org|https://ranger.apache.org/] does > not have any sensitive cookies or login mechanism or similar, so there isn't > really anything to compromise, it would be good to update to a recent version > of Swagger. Could you look into that? > > It is somewhat unclear to me whether the ranger site is maintained in SVN > ([https://svn.apache.org/viewvc/ranger/site/)] or git > ([https://github.com/apache/ranger-site]) -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Updated] (RANGER-4304) Update swagger version in Ranger
[ https://issues.apache.org/jira/browse/RANGER-4304?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Mugdha Varadkar updated RANGER-4304: Attachment: (was: 0001-RANGER-4304-ranger-site.patch) > Update swagger version in Ranger > > > Key: RANGER-4304 > URL: https://issues.apache.org/jira/browse/RANGER-4304 > Project: Ranger > Issue Type: Improvement > Components: documentation >Reporter: Arnout Engelen >Assignee: Mugdha Varadkar >Priority: Major > Attachments: 0001-RANGER-4304.patch, 0002-RANGER-4304.patch > > > The Ranger website embeds a Swagger UI, AFAICS currently version 2.2.10. > Older versions of swagger, such as this one, suffer from a number of security > weaknesses. > > While fortunately [https://ranger.apache.org|https://ranger.apache.org/] does > not have any sensitive cookies or login mechanism or similar, so there isn't > really anything to compromise, it would be good to update to a recent version > of Swagger. Could you look into that? > > It is somewhat unclear to me whether the ranger site is maintained in SVN > ([https://svn.apache.org/viewvc/ranger/site/)] or git > ([https://github.com/apache/ranger-site]) -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Updated] (RANGER-4304) Update swagger version in Ranger
[ https://issues.apache.org/jira/browse/RANGER-4304?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Mugdha Varadkar updated RANGER-4304: Attachment: 0001-RANGER-4304-ranger-site.patch > Update swagger version in Ranger > > > Key: RANGER-4304 > URL: https://issues.apache.org/jira/browse/RANGER-4304 > Project: Ranger > Issue Type: Improvement > Components: documentation >Reporter: Arnout Engelen >Assignee: Mugdha Varadkar >Priority: Major > Attachments: 0001-RANGER-4304-ranger-site.patch, > 0001-RANGER-4304.patch, 0002-RANGER-4304.patch > > > The Ranger website embeds a Swagger UI, AFAICS currently version 2.2.10. > Older versions of swagger, such as this one, suffer from a number of security > weaknesses. > > While fortunately [https://ranger.apache.org|https://ranger.apache.org/] does > not have any sensitive cookies or login mechanism or similar, so there isn't > really anything to compromise, it would be good to update to a recent version > of Swagger. Could you look into that? > > It is somewhat unclear to me whether the ranger site is maintained in SVN > ([https://svn.apache.org/viewvc/ranger/site/)] or git > ([https://github.com/apache/ranger-site]) -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Updated] (RANGER-4304) Update swagger version in Ranger
[ https://issues.apache.org/jira/browse/RANGER-4304?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Mugdha Varadkar updated RANGER-4304: Attachment: 0002-RANGER-4304.patch > Update swagger version in Ranger > > > Key: RANGER-4304 > URL: https://issues.apache.org/jira/browse/RANGER-4304 > Project: Ranger > Issue Type: Improvement > Components: documentation >Reporter: Arnout Engelen >Assignee: Mugdha Varadkar >Priority: Major > Attachments: 0001-RANGER-4304.patch, 0002-RANGER-4304.patch > > > The Ranger website embeds a Swagger UI, AFAICS currently version 2.2.10. > Older versions of swagger, such as this one, suffer from a number of security > weaknesses. > > While fortunately [https://ranger.apache.org|https://ranger.apache.org/] does > not have any sensitive cookies or login mechanism or similar, so there isn't > really anything to compromise, it would be good to update to a recent version > of Swagger. Could you look into that? > > It is somewhat unclear to me whether the ranger site is maintained in SVN > ([https://svn.apache.org/viewvc/ranger/site/)] or git > ([https://github.com/apache/ranger-site]) -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Updated] (RANGER-4304) Update swagger version in Ranger
[ https://issues.apache.org/jira/browse/RANGER-4304?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Mugdha Varadkar updated RANGER-4304: Attachment: 0001-RANGER-4304.patch > Update swagger version in Ranger > > > Key: RANGER-4304 > URL: https://issues.apache.org/jira/browse/RANGER-4304 > Project: Ranger > Issue Type: Improvement > Components: documentation >Reporter: Arnout Engelen >Assignee: Mugdha Varadkar >Priority: Major > Attachments: 0001-RANGER-4304.patch > > > The Ranger website embeds a Swagger UI, AFAICS currently version 2.2.10. > Older versions of swagger, such as this one, suffer from a number of security > weaknesses. > > While fortunately [https://ranger.apache.org|https://ranger.apache.org/] does > not have any sensitive cookies or login mechanism or similar, so there isn't > really anything to compromise, it would be good to update to a recent version > of Swagger. Could you look into that? > > It is somewhat unclear to me whether the ranger site is maintained in SVN > ([https://svn.apache.org/viewvc/ranger/site/)] or git > ([https://github.com/apache/ranger-site]) -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Updated] (RANGER-4304) Update swagger version in Ranger
[ https://issues.apache.org/jira/browse/RANGER-4304?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Mugdha Varadkar updated RANGER-4304: Summary: Update swagger version in Ranger (was: Update swagger version in the website) > Update swagger version in Ranger > > > Key: RANGER-4304 > URL: https://issues.apache.org/jira/browse/RANGER-4304 > Project: Ranger > Issue Type: Improvement > Components: documentation >Reporter: Arnout Engelen >Assignee: Mugdha Varadkar >Priority: Major > > The Ranger website embeds a Swagger UI, AFAICS currently version 2.2.10. > Older versions of swagger, such as this one, suffer from a number of security > weaknesses. > > While fortunately [https://ranger.apache.org|https://ranger.apache.org/] does > not have any sensitive cookies or login mechanism or similar, so there isn't > really anything to compromise, it would be good to update to a recent version > of Swagger. Could you look into that? > > It is somewhat unclear to me whether the ranger site is maintained in SVN > ([https://svn.apache.org/viewvc/ranger/site/)] or git > ([https://github.com/apache/ranger-site]) -- This message was sent by Atlassian Jira (v8.20.10#820010)
