[jira] [Updated] (APEXCORE-815) Whitelist CVE-2016-6811

Vlad Rozov (JIRA) Tue, 15 May 2018 10:38:21 -0700

     [ 
https://issues.apache.org/jira/browse/APEXCORE-815?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]


Vlad Rozov updated APEXCORE-815:
--------------------------------
    Fix Version/s: 4.0.0

> Whitelist CVE-2016-6811
> -----------------------
>
>                 Key: APEXCORE-815
>                 URL: https://issues.apache.org/jira/browse/APEXCORE-815
>             Project: Apache Apex Core
>          Issue Type: Task
>            Reporter: Vlad Rozov
>            Assignee: Vlad Rozov
>            Priority: Major
>             Fix For: 4.0.0
>
>
> There is an old vulnerability in Yarn version 2.7.3 and below (please see 
> [CVE-2016-6811|https://www.cvedetails.com/cve/CVE-2016-6811]) that was 
> recently marked as severity 9 and now it breaks Apex build.  Based on my 
> analysis, the vulnerability affects Yarn cluster itself (see 
> [YARN-5121|https://issues.apache.org/jira/browse/YARN-5121]).



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

[jira] [Updated] (APEXCORE-815) Whitelist CVE-2016-6811

Reply via email to