frankvicky commented on PR #3993: URL: https://github.com/apache/ambari/pull/3993#issuecomment-2813310323
Hi @JiaLiangC, Thanks for the question. I think we should redefine the scope of this issue. The `spring-web` and `security` modules have CVE issues, but we can resolve the `spring-web` issue by upgrading to a minor version. We should open another ticket to track the `security` CVE issue, as we were unable to resolve it by upgrading to a minor version. c.c @jojochuang -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected] --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
