[jira] [Updated] (NIFI-10346) Update OWASP Dependency Check Suppressions

2022-08-23 Thread David Handermann (Jira)


[ https://issues.apache.org/jira/browse/NIFI-10346?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

David Handermann updated NIFI-10346:

Fix Version/s: 1.18.0
Resolution: Fixed
Status: Resolved (was: Patch Available)

> Update OWASP Dependency Check Suppressions
> --
>
> Key: NIFI-10346
> URL: https://issues.apache.org/jira/browse/NIFI-10346
> Project: Apache NiFi
> Issue Type: Task
> Components: Documentation  Website
> Reporter: David Handermann
> Assignee: David Handermann
> Priority: Minor
> Fix For: 1.18.0
>
> Time Spent: 0.5h
> Remaining Estimate: 0h
>
> The OWASP Dependency Check Plugin version 7.1.1 marks several libraries as 
> vulnerable when the vulnerability applies to server components, but not 
> client components. In other cases, the plugin associates vulnerabilities with 
> a different product based on similar naming. The Suppressions configuration 
> should be updated to note and suppress these findings.



--
This message was sent by Atlassian Jira
(v8.20.10#820010)


[jira] [Updated] (NIFI-10346) Update OWASP Dependency Check Suppressions

2022-08-11 Thread David Handermann (Jira)


[ https://issues.apache.org/jira/browse/NIFI-10346?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

David Handermann updated NIFI-10346:

Status: Patch Available (was: Open)

> Update OWASP Dependency Check Suppressions
> --
>
> Key: NIFI-10346
> URL: https://issues.apache.org/jira/browse/NIFI-10346
> Project: Apache NiFi
> Issue Type: Task
> Components: Documentation  Website
> Reporter: David Handermann
> Assignee: David Handermann
> Priority: Minor
> Time Spent: 10m
> Remaining Estimate: 0h
>
> The OWASP Dependency Check Plugin version 7.1.1 marks several libraries as 
> vulnerable when the vulnerability applies to server components, but not 
> client components. In other cases, the plugin associates vulnerabilities with 
> a different product based on similar naming. The Suppressions configuration 
> should be updated to note and suppress these findings.


