[jira] [Updated] (NIFI-10348) Upgrade Tomcat Embed to 8.5.82 for Flume Processors
[ https://issues.apache.org/jira/browse/NIFI-10348?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Nathan Gough updated NIFI-10348: Fix Version/s: 1.18.0 Resolution: Fixed Status: Resolved (was: Patch Available) > Upgrade Tomcat Embed to 8.5.82 for Flume Processors > --- > > Key: NIFI-10348 > URL: https://issues.apache.org/jira/browse/NIFI-10348 > Project: Apache NiFi > Issue Type: Improvement > Components: Extensions >Reporter: David Handermann >Assignee: David Handermann >Priority: Minor > Fix For: 1.18.0 > > Time Spent: 40m > Remaining Estimate: 0h > > Apache Flume Processors have a transitive dependency on Apache Tomcat Embed > Core 8.5.46, which has several associated vulnerabilities. Although most of > these vulnerabilities relate to Apache Tomcat Server, upgrading a more recent > version of the library includes several bug fixes and resolves false > positives. -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Updated] (NIFI-10348) Upgrade Tomcat Embed to 8.5.82 for Flume Processors
[ https://issues.apache.org/jira/browse/NIFI-10348?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] David Handermann updated NIFI-10348: Summary: Upgrade Tomcat Embed to 8.5.82 for Flume Processors (was: Upgrade Tomcat Embed to 8.5.81 for Flume Processors) > Upgrade Tomcat Embed to 8.5.82 for Flume Processors > --- > > Key: NIFI-10348 > URL: https://issues.apache.org/jira/browse/NIFI-10348 > Project: Apache NiFi > Issue Type: Improvement > Components: Extensions >Reporter: David Handermann >Assignee: David Handermann >Priority: Minor > Time Spent: 10m > Remaining Estimate: 0h > > Apache Flume Processors have a transitive dependency on Apache Tomcat Embed > Core 8.5.46, which has several associated vulnerabilities. Although most of > these vulnerabilities relate to Apache Tomcat Server, upgrading a more recent > version of the library includes several bug fixes and resolves false > positives. -- This message was sent by Atlassian Jira (v8.20.10#820010)
