Commons-text is only used for testing the Kubernetes integration and isn’t
shipped. Having said that, we should update to a version that isn’t vulnerable
when one becomes available. (It’s a transitive dependency. We use the latest
version of MockServer, but it has not been patched yet.
In the last few days two new potentially high profile vulnerabilities have
come forth from OpenSSL & Apache.
We are currently using Apache Ignite 2.13 and would like to understand if
there is known exposure to the vulnerabilities noted below:
1.
The OpenSSL set of libraries has a