Mate Szalay-Beko created ZOOKEEPER-4645:
-------------------------------------------
Summary: Backport ZOOKEEPER-3941 (commons-cli upgrade) to
branch-3.6
Key: ZOOKEEPER-4645
URL: https://issues.apache.org/jira/browse/ZOOKEEPER-4645
Project: ZooKeeper
Issue Type: Task
Reporter: Mate Szalay-Beko
Assignee: Mate Szalay-Beko
commons-cli 1.2 is affected by a known vulnerability (). To fix it, we need to
upgrade, but versions 1.3+ deprecated some classes we use in the code. In
ZOOKEEPER-3941 we upgraded to commons-cli to version 1.4, but this was
originally shipped only in ZooKeeper 3.7.0+.
To fix the CVE before the release 3.6.4, we need to update commons-cli (by
backporting ZOOKEEPER-3941) on branch-3.6.
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
