Fabian Hueske created FLINK-8308:
------------------------------------
Summary: Update yajl-ruby dependency to 1.3.1 or higher
Key: FLINK-8308
URL:
https://issues.apache.org/jira/browse/FLINK-8308 Project: Flink
Issue Type: Task
Components: Project Website
Reporter: Fabian Hueske
Priority: Critical
Fix For: 1.5.0, 1.4.1
We got notified that yajl-ruby < 1.3.1, a dependency which is used to build the Flink website, has a security vulnerability of high severity.
We should update yajl-ruby to 1.3.1 or higher.
Since the website is built offline and served as static HTML, I don't think this is a super critical issue (please correct me if I'm wrong), but we should resolve this soon.
--
This message was sent by Atlassian JIRA
(v6.4.14#64029)
Locked
