[jira] [Commented] (ATLAS-3940) Upgrade snakeyaml to a version without CVE-2017-18640
[ https://issues.apache.org/jira/browse/ATLAS-3940?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17196760#comment-17196760 ] ASF subversion and git services commented on ATLAS-3940: Commit d330da8763242faa955bb665cb74c96c5b34e7a2 in atlas's branch refs/heads/branch-2.0 from Rahul Nandi [ https://gitbox.apache.org/repos/asf?p=atlas.git;h=d330da8 ] ATLAS-3940 : Upgrade snakeyaml to a version without CVE-2017-18640 (#110) (cherry picked from commit d555c02ba283312e2d9b014b5d68a17da3661525) > Upgrade snakeyaml to a version without CVE-2017-18640 > -- > > Key: ATLAS-3940 > URL: https://issues.apache.org/jira/browse/ATLAS-3940 > Project: Atlas > Issue Type: Bug >Reporter: Nixon Rodrigues >Priority: Major > Time Spent: 20m > Remaining Estimate: 0h > > Maven package cassandra-all has transitive dependency on > org.yaml:snakeyaml:1.11 which has > CVE-2017-18640:https://nvd.nist.gov/vuln/detail/CVE-2017-18640 -- This message was sent by Atlassian Jira (v8.3.4#803005)
[jira] [Commented] (ATLAS-3940) Upgrade snakeyaml to a version without CVE-2017-18640
[ https://issues.apache.org/jira/browse/ATLAS-3940?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17195974#comment-17195974 ] ASF subversion and git services commented on ATLAS-3940: Commit d555c02ba283312e2d9b014b5d68a17da3661525 in atlas's branch refs/heads/master from Rahul Nandi [ https://gitbox.apache.org/repos/asf?p=atlas.git;h=d555c02 ] ATLAS-3940 : Upgrade snakeyaml to a version without CVE-2017-18640 (#110) > Upgrade snakeyaml to a version without CVE-2017-18640 > -- > > Key: ATLAS-3940 > URL: https://issues.apache.org/jira/browse/ATLAS-3940 > Project: Atlas > Issue Type: Bug >Reporter: Nixon Rodrigues >Priority: Major > Time Spent: 10m > Remaining Estimate: 0h > > Maven package cassandra-all has transitive dependency on > org.yaml:snakeyaml:1.11 which has > CVE-2017-18640:https://nvd.nist.gov/vuln/detail/CVE-2017-18640 -- This message was sent by Atlassian Jira (v8.3.4#803005)
