-
Notifications
You must be signed in to change notification settings - Fork 3.7k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
exclude jackson-jaxrs from ranger-security, update documentation to reflect ranger update #15481
Merged
xvrl
merged 5 commits into
apache:master
from
janjwerner-confluent:janjwerner-remove-jackson-jaxrs
Dec 5, 2023
Merged
exclude jackson-jaxrs from ranger-security, update documentation to reflect ranger update #15481
xvrl
merged 5 commits into
apache:master
from
janjwerner-confluent:janjwerner-remove-jackson-jaxrs
Dec 5, 2023
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
janjwerner-confluent
changed the title
exclude jackson-jaxrs
exclude jackson-jaxrs from ranger-security
Dec 4, 2023
xvrl
reviewed
Dec 4, 2023
janjwerner-confluent
changed the title
exclude jackson-jaxrs from ranger-security
exclude jackson-jaxrs from ranger-security, update documentation to reflect ranger update
Dec 4, 2023
xvrl
reviewed
Dec 4, 2023
xvrl
reviewed
Dec 5, 2023
xvrl
reviewed
Dec 5, 2023
Co-authored-by: Xavier Léauté <xl+github@xvrl.net>
Co-authored-by: Xavier Léauté <xl+github@xvrl.net>
Thank you for the catches @xvrl |
xvrl
approved these changes
Dec 5, 2023
Pankaj260100
pushed a commit
to confluentinc/druid
that referenced
this pull request
Dec 13, 2023
…ion (apache#15481) * Excluding jackson-jaxrs dependency from ranger-plugin-common to address CVE regression introduced by ranger-upgrade: CVE-2019-10202, CVE-2019-10172 * remove the reference to outdated ranger 2.0 from the docs --------- Co-authored-by: Xavier Léauté <xl+github@xvrl.net>
Pankaj260100
pushed a commit
to confluentinc/druid
that referenced
this pull request
Dec 19, 2023
…ion (apache#15481) * Excluding jackson-jaxrs dependency from ranger-plugin-common to address CVE regression introduced by ranger-upgrade: CVE-2019-10202, CVE-2019-10172 * remove the reference to outdated ranger 2.0 from the docs --------- Co-authored-by: Xavier Léauté <xl+github@xvrl.net>
Pankaj260100
pushed a commit
to confluentinc/druid
that referenced
this pull request
Dec 19, 2023
…ion (apache#15481) * Excluding jackson-jaxrs dependency from ranger-plugin-common to address CVE regression introduced by ranger-upgrade: CVE-2019-10202, CVE-2019-10172 * remove the reference to outdated ranger 2.0 from the docs --------- Co-authored-by: Xavier Léauté <xl+github@xvrl.net>
Hello, this PR seems to solve the 2 CVE mentionned above, can you confirm the milestone please ? 29.0 ? |
LakshSingla
added a commit
to LakshSingla/druid
that referenced
this pull request
Feb 12, 2024
…cumentation (apache#15481)" This reverts commit f4856bc.
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Description
Excluding additional dependency from ranger-plugin-common to address CVE regression introduced by ranger-upgrade:
CVE-2019-10202
CVE-2019-10172
This PR has: