[nifi] branch master updated (84968e7 -> 1ec7e31)
This is an automated email from the ASF dual-hosted git repository. alopresto pushed a change to branch master in repository https://gitbox.apache.org/repos/asf/nifi.git. from 84968e7 NIFI-7087: Use FlowManager.findAllConnections() when available add 1ec7e31 NIFI-7341 Updated certificate commands and source code formatting in Toolkit Guide. (#4196) No new revisions were added by this update. Summary of changes: nifi-docs/src/main/asciidoc/toolkit-guide.adoc | 68 +++--- 1 file changed, 40 insertions(+), 28 deletions(-)
[nifi] branch master updated (728bdec -> c99a187)
This is an automated email from the ASF dual-hosted git repository. bbende pushed a change to branch master in repository https://gitbox.apache.org/repos/asf/nifi.git. from 728bdec NIFI-7339: Fixed bug that caused Write Ahead Provenance Repository not to rollover event files after specified time. Code cleanup. Updated some default properties. add c99a187 NIFI-7346: Ensure that the Provenance Repository doesn't delete the Active Event File No new revisions were added by this update. Summary of changes: .../nifi/provenance/store/WriteAheadStorePartition.java | 13 +++-- 1 file changed, 11 insertions(+), 2 deletions(-)
[nifi] branch master updated (1ec7e31 -> 728bdec)
This is an automated email from the ASF dual-hosted git repository. bbende pushed a change to branch master in repository https://gitbox.apache.org/repos/asf/nifi.git. from 1ec7e31 NIFI-7341 Updated certificate commands and source code formatting in Toolkit Guide. (#4196) add 728bdec NIFI-7339: Fixed bug that caused Write Ahead Provenance Repository not to rollover event files after specified time. Code cleanup. Updated some default properties. No new revisions were added by this update. Summary of changes: .../nifi-framework/nifi-resources/pom.xml | 6 +-- .../nifi/provenance/store/RecordWriterLease.java | 57 ++ ...RecordReaderFactory.java => RolloverState.java} | 33 ++--- .../provenance/store/WriteAheadStorePartition.java | 27 +- 4 files changed, 90 insertions(+), 33 deletions(-) copy nifi-nar-bundles/nifi-provenance-repository-bundle/nifi-persistent-provenance-repository/src/main/java/org/apache/nifi/provenance/store/{RecordReaderFactory.java => RolloverState.java} (67%)
[nifi] branch master updated: NIFI-7087: Use FlowManager.findAllConnections() when available
This is an automated email from the ASF dual-hosted git repository. mattyb149 pushed a commit to branch master in repository https://gitbox.apache.org/repos/asf/nifi.git The following commit(s) were added to refs/heads/master by this push: new 84968e7 NIFI-7087: Use FlowManager.findAllConnections() when available 84968e7 is described below commit 84968e70d293e49888addc3870c6a9cf222103b0 Author: Matthew Burgess AuthorDate: Wed Feb 12 16:27:56 2020 -0500 NIFI-7087: Use FlowManager.findAllConnections() when available Signed-off-by: Matthew Burgess This closes #4026 --- .../java/org/apache/nifi/controller/FlowController.java | 8 .../status/analytics/ConnectionStatusAnalytics.java | 13 - .../apache/nifi/provenance/ComponentIdentifierLookup.java | 11 ++- .../status/analytics/TestConnectionStatusAnalytics.java | 7 +++ 4 files changed, 21 insertions(+), 18 deletions(-) diff --git a/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-framework-core/src/main/java/org/apache/nifi/controller/FlowController.java b/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-framework-core/src/main/java/org/apache/nifi/controller/FlowController.java index 72c3416..33df9be 100644 --- a/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-framework-core/src/main/java/org/apache/nifi/controller/FlowController.java +++ b/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-framework-core/src/main/java/org/apache/nifi/controller/FlowController.java @@ -875,7 +875,7 @@ public class FlowController implements ReportingTaskProvider, Authorizable, Node writeLock.lock(); try { // get all connections/queues and recover from swap files. -final List connections = flowManager.getRootGroup().findAllConnections(); +final Set connections = flowManager.findAllConnections(); flowFileRepository.loadFlowFiles(queueProvider); @@ -1086,7 +1086,7 @@ public class FlowController implements ReportingTaskProvider, Authorizable, Node startRemoteGroupPortsAfterInitialization.clear(); } -for (final Connection connection : flowManager.getRootGroup().findAllConnections()) { +for (final Connection connection : flowManager.findAllConnections()) { connection.getFlowFileQueue().startLoadBalancing(); } } finally { @@ -2645,7 +2645,7 @@ public class FlowController implements ReportingTaskProvider, Authorizable, Node return "Cannot replay data from Provenance Event because the event does not specify the Source FlowFile Queue"; } -final List connections = flowManager.getRootGroup().findAllConnections(); +final Set connections = flowManager.findAllConnections(); FlowFileQueue queue = null; for (final Connection connection : connections) { if (event.getSourceQueueIdentifier().equals(connection.getIdentifier())) { @@ -2696,7 +2696,7 @@ public class FlowController implements ReportingTaskProvider, Authorizable, Node throw new IllegalArgumentException("Cannot replay data from Provenance Event because the event does not specify the Source FlowFile Queue"); } -final List connections = flowManager.getRootGroup().findAllConnections(); +final Set connections = flowManager.findAllConnections(); FlowFileQueue queue = null; for (final Connection connection : connections) { if (event.getSourceQueueIdentifier().equals(connection.getIdentifier())) { diff --git a/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-framework-core/src/main/java/org/apache/nifi/controller/status/analytics/ConnectionStatusAnalytics.java b/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-framework-core/src/main/java/org/apache/nifi/controller/status/analytics/ConnectionStatusAnalytics.java index a524566..5500fbb 100644 --- a/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-framework-core/src/main/java/org/apache/nifi/controller/status/analytics/ConnectionStatusAnalytics.java +++ b/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-framework-core/src/main/java/org/apache/nifi/controller/status/analytics/ConnectionStatusAnalytics.java @@ -21,7 +21,6 @@ import java.util.HashMap; import java.util.List; import java.util.Map; import java.util.NoSuchElementException; -import java.util.Optional; import java.util.stream.Stream; import org.apache.commons.collections4.MapUtils; @@ -33,7 +32,6 @@ import org.apache.nifi.controller.repository.FlowFileEventRepository; import org.apache.nifi.controller.repository.RepositoryStatusReport; import org.apache.nifi.controller.status.history.ComponentStatusRepository; import org.apache.nifi.controller.status.history.StatusHistory; -import org.apache.nifi.groups.ProcessGroup; import
[nifi] branch master updated: NIFI-7345: Fixed Hive database and table names case insensitivity in Atlas reporting task
This is an automated email from the ASF dual-hosted git repository. pvillard pushed a commit to branch master in repository https://gitbox.apache.org/repos/asf/nifi.git The following commit(s) were added to refs/heads/master by this push: new 08dcd4a NIFI-7345: Fixed Hive database and table names case insensitivity in Atlas reporting task 08dcd4a is described below commit 08dcd4af14386183d0cd84690772b5ad93f75b9f Author: Peter Turcsanyi AuthorDate: Wed Apr 8 23:27:50 2020 +0200 NIFI-7345: Fixed Hive database and table names case insensitivity in Atlas reporting task Signed-off-by: Pierre Villard This closes #4198. --- .../provenance/analyzer/DatabaseAnalyzerUtil.java | 3 +- .../nifi/atlas/provenance/analyzer/Hive2JDBC.java | 4 +- .../atlas/provenance/analyzer/TestHive2JDBC.java | 68 +++--- .../provenance/analyzer/TestPutHiveStreaming.java | 6 +- 4 files changed, 41 insertions(+), 40 deletions(-) diff --git a/nifi-nar-bundles/nifi-atlas-bundle/nifi-atlas-reporting-task/src/main/java/org/apache/nifi/atlas/provenance/analyzer/DatabaseAnalyzerUtil.java b/nifi-nar-bundles/nifi-atlas-bundle/nifi-atlas-reporting-task/src/main/java/org/apache/nifi/atlas/provenance/analyzer/DatabaseAnalyzerUtil.java index 63ab1bf..94db2c8 100644 --- a/nifi-nar-bundles/nifi-atlas-bundle/nifi-atlas-reporting-task/src/main/java/org/apache/nifi/atlas/provenance/analyzer/DatabaseAnalyzerUtil.java +++ b/nifi-nar-bundles/nifi-atlas-bundle/nifi-atlas-reporting-task/src/main/java/org/apache/nifi/atlas/provenance/analyzer/DatabaseAnalyzerUtil.java @@ -52,7 +52,8 @@ public class DatabaseAnalyzerUtil { } final String databaseName = tableNameSplit.length == 2 ? tableNameSplit[0] : connectedDatabaseName; final String tableName = tableNameSplit.length == 2 ? tableNameSplit[1] : tableNameSplit[0]; -return new Tuple<>(databaseName, tableName); +// Handle case insensitivity of database and table names in Hive: send names uniformly in lower case +return new Tuple<>(databaseName.toLowerCase(), tableName.toLowerCase()); } public static String toTableNameStr(Tuple tableName) { diff --git a/nifi-nar-bundles/nifi-atlas-bundle/nifi-atlas-reporting-task/src/main/java/org/apache/nifi/atlas/provenance/analyzer/Hive2JDBC.java b/nifi-nar-bundles/nifi-atlas-bundle/nifi-atlas-reporting-task/src/main/java/org/apache/nifi/atlas/provenance/analyzer/Hive2JDBC.java index ffed41f..7821f86 100644 --- a/nifi-nar-bundles/nifi-atlas-bundle/nifi-atlas-reporting-task/src/main/java/org/apache/nifi/atlas/provenance/analyzer/Hive2JDBC.java +++ b/nifi-nar-bundles/nifi-atlas-bundle/nifi-atlas-reporting-task/src/main/java/org/apache/nifi/atlas/provenance/analyzer/Hive2JDBC.java @@ -94,8 +94,8 @@ public class Hive2JDBC extends AbstractHiveAnalyzer { if (inputTables.isEmpty() && outputTables.isEmpty()) { // If input/output tables are unknown, create database level lineage. -return getDatabaseRef(event.getComponentId(), event.getEventType(), -clusterName, connectedDatabaseName); +// Handle case insensitivity of database and table names in Hive: send names uniformly in lower case +return getDatabaseRef(event.getComponentId(), event.getEventType(), clusterName, connectedDatabaseName.toLowerCase()); } final DataSetRefs refs = new DataSetRefs(event.getComponentId()); diff --git a/nifi-nar-bundles/nifi-atlas-bundle/nifi-atlas-reporting-task/src/test/java/org/apache/nifi/atlas/provenance/analyzer/TestHive2JDBC.java b/nifi-nar-bundles/nifi-atlas-bundle/nifi-atlas-reporting-task/src/test/java/org/apache/nifi/atlas/provenance/analyzer/TestHive2JDBC.java index 5d5fcd6..e7e6a91 100644 --- a/nifi-nar-bundles/nifi-atlas-bundle/nifi-atlas-reporting-task/src/test/java/org/apache/nifi/atlas/provenance/analyzer/TestHive2JDBC.java +++ b/nifi-nar-bundles/nifi-atlas-bundle/nifi-atlas-reporting-task/src/test/java/org/apache/nifi/atlas/provenance/analyzer/TestHive2JDBC.java @@ -50,7 +50,7 @@ public class TestHive2JDBC { @Test public void testDatabaseLineage() { final String processorName = "PutHiveQL"; -final String transitUri = "jdbc:hive2://0.example.com:1/databaseA"; +final String transitUri = "jdbc:hive2://0.example.com:1/database_A"; final ProvenanceEventRecord record = Mockito.mock(ProvenanceEventRecord.class); when(record.getComponentType()).thenReturn(processorName); when(record.getTransitUri()).thenReturn(transitUri); @@ -70,8 +70,8 @@ public class TestHive2JDBC { assertEquals(1, refs.getOutputs().size()); Referenceable ref = refs.getOutputs().iterator().next(); assertEquals("hive_db", ref.getTypeName()); -assertEquals("databaseA", ref.get(ATTR_NAME)); -assertEquals("databaseA@cluster1", ref.get(ATTR_QUALIFIED_NAME)); +
svn commit: r1876331 - in /nifi/site/trunk: registry.html security.html
Author: alopresto Date: Thu Apr 9 16:18:33 2020 New Revision: 1876331 URL: http://svn.apache.org/viewvc?rev=1876331=rev Log: Added NiFi Registry 0.6.0 links to source code. Added NiFi 1.11.4 CVE announcements. Modified: nifi/site/trunk/registry.html nifi/site/trunk/security.html Modified: nifi/site/trunk/registry.html URL: http://svn.apache.org/viewvc/nifi/site/trunk/registry.html?rev=1876331=1876330=1876331=diff == --- nifi/site/trunk/registry.html (original) +++ nifi/site/trunk/registry.html Thu Apr 9 16:18:33 2020 @@ -198,62 +198,33 @@ https://cwiki.apache.org/confluence/display/NIFIREG/Release+Notes#ReleaseNotes-NiFiRegistry0.6.0;>Release Notes - - 0.5.0 - - - Sources - - https://www.apache.org/dyn/closer.lua?path=/nifi/nifi-registry/nifi-registry-0.5.0/nifi-registry-0.5.0-source-release.zip;>nifi-registry-0.5.0-source-release.zip ( - https://downloads.apache.org/nifi/nifi-registry/nifi-registry-0.5.0/nifi-registry-0.5.0-source-release.zip.asc;>asc, - https://downloads.apache.org/nifi/nifi-registry/nifi-registry-0.5.0/nifi-registry-0.5.0-source-release.zip.sha256;>sha256, - https://downloads.apache.org/nifi/nifi-registry/nifi-registry-0.5.0/nifi-registry-0.5.0-source-release.zip.sha512;>sha512 ) - - - - Binaries - - https://www.apache.org/dyn/closer.lua?path=/nifi/nifi-registry/nifi-registry-0.5.0/nifi-registry-0.5.0-bin.tar.gz;>nifi-registry-0.5.0-bin.tar.gz ( - https://downloads.apache.org/nifi/nifi-registry/nifi-registry-0.5.0/nifi-registry-0.5.0-bin.tar.gz.asc;>asc, - https://downloads.apache.org/nifi/nifi-registry/nifi-registry-0.5.0/nifi-registry-0.5.0-bin.tar.gz.sha256;>sha256, - https://downloads.apache.org/nifi/nifi-registry/nifi-registry-0.5.0/nifi-registry-0.5.0-bin.tar.gz.sha512;>sha512 ) - - https://www.apache.org/dyn/closer.lua?path=/nifi/nifi-registry/nifi-registry-0.5.0/nifi-registry-0.5.0-bin.zip;>nifi-registry-0.5.0-bin.zip ( - https://downloads.apache.org/nifi/nifi-registry/nifi-registry-0.5.0/nifi-registry-0.5.0-bin.zip.asc;>asc, - https://downloads.apache.org/nifi/nifi-registry/nifi-registry-0.5.0/nifi-registry-0.5.0-bin.zip.sha256;>sha256, - https://downloads.apache.org/nifi/nifi-registry/nifi-registry-0.5.0/nifi-registry-0.5.0-bin.zip.sha512;>sha512 ) - - - https://cwiki.apache.org/confluence/display/NIFIREG/Release+Notes#ReleaseNotes-NiFiRegistry0.5.0;>Release Notes - - -0.4.0 +0.5.0 Sources -https://archive.apache.org/dist/nifi/nifi-registry/nifi-registry-0.4.0/nifi-registry-0.4.0-source-release.zip;>nifi-registry-0.4.0-source-release.zip ( - https://archive.apache.org/dist/nifi/nifi-registry/nifi-registry-0.4.0/nifi-registry-0.4.0-source-release.zip.asc;>asc, - https://archive.apache.org/dist/nifi/nifi-registry/nifi-registry-0.4.0/nifi-registry-0.4.0-source-release.zip.sha256;>sha256, - https://archive.apache.org/dist/nifi/nifi-registry/nifi-registry-0.4.0/nifi-registry-0.4.0-source-release.zip.sha512;>sha512 ) +https://archive.apache.org/dist/nifi/nifi-registry/nifi-registry-0.5.0/nifi-registry-0.5.0-source-release.zip;>nifi-registry-0.5.0-source-release.zip ( + https://archive.apache.org/dist/nifi/nifi-registry/nifi-registry-0.5.0/nifi-registry-0.5.0-source-release.zip.asc;>asc, + https://archive.apache.org/dist/nifi/nifi-registry/nifi-registry-0.5.0/nifi-registry-0.5.0-source-release.zip.sha256;>sha256, + https://archive.apache.org/dist/nifi/nifi-registry/nifi-registry-0.5.0/nifi-registry-0.5.0-source-release.zip.sha512;>sha512 ) Binaries -
[nifi-site] 01/02: Updated 1.11.4 security announcement.
This is an automated email from the ASF dual-hosted git repository. alopresto pushed a commit to branch master in repository https://gitbox.apache.org/repos/asf/nifi-site.git commit 05ad86063df875c6ddea9ac36a90b4fb78321760 Author: Andy LoPresto AuthorDate: Thu Apr 9 08:52:20 2020 -0700 Updated 1.11.4 security announcement. --- src/pages/html/security.hbs | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/src/pages/html/security.hbs b/src/pages/html/security.hbs index 01108a9..a2f4217 100644 --- a/src/pages/html/security.hbs +++ b/src/pages/html/security.hbs @@ -59,10 +59,10 @@ title: Apache NiFi Security Reports CVE-2020-5398: Apache NiFi's spring-data-redis usage -Severity: High +Severity: Moderate Versions Affected: -Apache NiFi 1.8.0 - 1.11.4 +Apache NiFi 1.8.0 - 1.11.3 Description: The org.springframework.data:spring-data-redis dependency in the nifi-redis-bundle had a vulnerable transitive dependency. See https://nvd.nist.gov/vuln/detail/CVE-2020-5398; target="_blank">NIST NVD CVE-2020-5398 for more information.
[nifi-site] 02/02: Added NiFi Registry 0.6.0 download links.
This is an automated email from the ASF dual-hosted git repository. alopresto pushed a commit to branch master in repository https://gitbox.apache.org/repos/asf/nifi-site.git commit c9b92502d32920aaeed656b757255d611a543a1f Author: Andy LoPresto AuthorDate: Thu Apr 9 09:15:28 2020 -0700 Added NiFi Registry 0.6.0 download links. --- src/pages/html/registry.hbs | 56 ++--- 1 file changed, 28 insertions(+), 28 deletions(-) diff --git a/src/pages/html/registry.hbs b/src/pages/html/registry.hbs index f2a5cdc..c376898 100644 --- a/src/pages/html/registry.hbs +++ b/src/pages/html/registry.hbs @@ -66,61 +66,61 @@ title: Apache NiFi - Registry - 0.5.0 + 0.6.0 Sources - https://www.apache.org/dyn/closer.lua?path=/nifi/nifi-registry/nifi-registry-0.5.0/nifi-registry-0.5.0-source-release.zip;>nifi-registry-0.5.0-source-release.zip ( - https://downloads.apache.org/nifi/nifi-registry/nifi-registry-0.5.0/nifi-registry-0.5.0-source-release.zip.asc;>asc, - https://downloads.apache.org/nifi/nifi-registry/nifi-registry-0.5.0/nifi-registry-0.5.0-source-release.zip.sha256;>sha256, - https://downloads.apache.org/nifi/nifi-registry/nifi-registry-0.5.0/nifi-registry-0.5.0-source-release.zip.sha512;>sha512 ) + https://www.apache.org/dyn/closer.lua?path=/nifi/nifi-registry/nifi-registry-0.6.0/nifi-registry-0.6.0-source-release.zip;>nifi-registry-0.6.0-source-release.zip ( + https://downloads.apache.org/nifi/nifi-registry/nifi-registry-0.6.0/nifi-registry-0.6.0-source-release.zip.asc;>asc, + https://downloads.apache.org/nifi/nifi-registry/nifi-registry-0.6.0/nifi-registry-0.6.0-source-release.zip.sha256;>sha256, + https://downloads.apache.org/nifi/nifi-registry/nifi-registry-0.6.0/nifi-registry-0.6.0-source-release.zip.sha512;>sha512 ) Binaries - https://www.apache.org/dyn/closer.lua?path=/nifi/nifi-registry/nifi-registry-0.5.0/nifi-registry-0.5.0-bin.tar.gz;>nifi-registry-0.5.0-bin.tar.gz ( - https://downloads.apache.org/nifi/nifi-registry/nifi-registry-0.5.0/nifi-registry-0.5.0-bin.tar.gz.asc;>asc, - https://downloads.apache.org/nifi/nifi-registry/nifi-registry-0.5.0/nifi-registry-0.5.0-bin.tar.gz.sha256;>sha256, - https://downloads.apache.org/nifi/nifi-registry/nifi-registry-0.5.0/nifi-registry-0.5.0-bin.tar.gz.sha512;>sha512 ) + https://www.apache.org/dyn/closer.lua?path=/nifi/nifi-registry/nifi-registry-0.6.0/nifi-registry-0.6.0-bin.tar.gz;>nifi-registry-0.6.0-bin.tar.gz ( + https://downloads.apache.org/nifi/nifi-registry/nifi-registry-0.6.0/nifi-registry-0.6.0-bin.tar.gz.asc;>asc, + https://downloads.apache.org/nifi/nifi-registry/nifi-registry-0.6.0/nifi-registry-0.6.0-bin.tar.gz.sha256;>sha256, + https://downloads.apache.org/nifi/nifi-registry/nifi-registry-0.6.0/nifi-registry-0.6.0-bin.tar.gz.sha512;>sha512 ) - https://www.apache.org/dyn/closer.lua?path=/nifi/nifi-registry/nifi-registry-0.5.0/nifi-registry-0.5.0-bin.zip;>nifi-registry-0.5.0-bin.zip ( - https://downloads.apache.org/nifi/nifi-registry/nifi-registry-0.5.0/nifi-registry-0.5.0-bin.zip.asc;>asc, - https://downloads.apache.org/nifi/nifi-registry/nifi-registry-0.5.0/nifi-registry-0.5.0-bin.zip.sha256;>sha256, - https://downloads.apache.org/nifi/nifi-registry/nifi-registry-0.5.0/nifi-registry-0.5.0-bin.zip.sha512;>sha512 ) + https://www.apache.org/dyn/closer.lua?path=/nifi/nifi-registry/nifi-registry-0.6.0/nifi-registry-0.6.0-bin.zip;>nifi-registry-0.6.0-bin.zip ( + https://downloads.apache.org/nifi/nifi-registry/nifi-registry-0.6.0/nifi-registry-0.6.0-bin.zip.asc;>asc, + https://downloads.apache.org/nifi/nifi-registry/nifi-registry-0.6.0/nifi-registry-0.6.0-bin.zip.sha256;>sha256, + https://downloads.apache.org/nifi/nifi-registry/nifi-registry-0.6.0/nifi-registry-0.6.0-bin.zip.sha512;>sha512 )
[nifi-site] branch master updated (51b799e -> c9b9250)
This is an automated email from the ASF dual-hosted git repository. alopresto pushed a change to branch master in repository https://gitbox.apache.org/repos/asf/nifi-site.git. from 51b799e NIFI-7238 - Update security.html for NiFi 1.11.4 release. new 05ad860 Updated 1.11.4 security announcement. new c9b9250 Added NiFi Registry 0.6.0 download links. The 2 revisions listed above as "new" are entirely new to this repository and will be described in separate emails. The revisions listed as "add" were already present in the repository and have only been added to this reference. Summary of changes: src/pages/html/registry.hbs | 56 ++--- src/pages/html/security.hbs | 4 ++-- 2 files changed, 30 insertions(+), 30 deletions(-)
[nifi-site] branch master updated: NIFI-7238 - Update security.html for NiFi 1.11.4 release.
This is an automated email from the ASF dual-hosted git repository. thenatog pushed a commit to branch master in repository https://gitbox.apache.org/repos/asf/nifi-site.git The following commit(s) were added to refs/heads/master by this push: new 51b799e NIFI-7238 - Update security.html for NiFi 1.11.4 release. 51b799e is described below commit 51b799e7bedad0c94aee17a5e8b6c1f27fa7fd0d Author: Nathan Gough AuthorDate: Mon Apr 6 20:10:53 2020 -0400 NIFI-7238 - Update security.html for NiFi 1.11.4 release. --- src/pages/html/security.hbs | 29 + 1 file changed, 29 insertions(+) diff --git a/src/pages/html/security.hbs b/src/pages/html/security.hbs index c4c4705..01108a9 100644 --- a/src/pages/html/security.hbs +++ b/src/pages/html/security.hbs @@ -45,6 +45,35 @@ title: Apache NiFi Security Reports + + + Fixed in Apache NiFi 1.11.4 + + + + + +Dependency Vulnerabilities + + + + +CVE-2020-5398: Apache NiFi's spring-data-redis usage +Severity: High +Versions Affected: + +Apache NiFi 1.8.0 - 1.11.4 + + +Description: The org.springframework.data:spring-data-redis dependency in the nifi-redis-bundle had a vulnerable transitive dependency. See https://nvd.nist.gov/vuln/detail/CVE-2020-5398; target="_blank">NIST NVD CVE-2020-5398 for more information. +Mitigation: spring-data-redis was upgraded from 2.1.0.RELEASE to 2.1.16.RELEASE for the Apache NiFi 1.11.4 release. It is unlikely that NiFi's usage of this dependency could be exploited as described by the CVE, however we consider it prudent for users running a prior 1.x release to upgrade to the 1.11.4 release. +CVE Link: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-5398; target="_blank">Mitre Database: CVE-2020-5398 +NiFi Jira: https://issues.apache.org/jira/browse/NIFI-7267; target="_blank">NIFI-7267 +NiFi PR: https://github.com/apache/nifi/pull/4150; target="_blank">PR 4150 +Released: March 22, 2020 + + + Fixed in Apache NiFi 1.11.1