(DEPRECATED) Apache Flink Mailing List archive.

[jira] [Created] (FLINK-22747) Update commons-io to 2.8

classic Classic list List threaded Threaded
1 message Options
Shang Yuanchun (Jira)
Reply | Threaded
Open this post in threaded view
|

[jira] [Created] (FLINK-22747) Update commons-io to 2.8

Shang Yuanchun (Jira)
Timo Walther created FLINK-22747:
------------------------------------

             Summary: Update commons-io to 2.8
                 Key: FLINK-22747
                 URL: https://issues.apache.org/jira/browse/FLINK-22747
             Project: Flink
          Issue Type: Improvement
          Components: Build System
            Reporter: Timo Walther
            Assignee: Timo Walther


commons-io 2.7 has known vulnerabilities that are detected in Flink by some tools. Even though it is unlikely that we use the mentioned class. We should upgrade it to make the tools happy.

 

Context:
{code}

VULNDB-239195
"Vendor Specific News/Changelog Entry
https://commons.apache.org/proper/commons-io/changes-report.html#a2.8.0
Vendor Specific Solution URL
https://github.com/apache/commons-io/commit/0de91c048fb575b9e7906e966a4428574fd03695
Vendor Specific Solution URL
https://github.com/apache/commons-io/commit/97ae01c95837f50a2e9be34c370b271c4d8fc88b
Bug Tracker
https://issues.apache.org/jira/browse/IO-675"

{code}



--
This message was sent by Atlassian Jira
(v8.3.4#803005)
Free forum by Nabble Edit this page