Hello there.

We are working on the apache atlas code and started developing over  
https://github.com/apache/atlas/tree/release-2.1.0-rc3.
Upon scanning using twistlock, we found 180+ vulnerabilities. PFA, the 
twistlock-image scanning results.

Out of these, Jackson-databind and netty_netty-all were the most occurring 
ones. So, we tried upgrading the versions, but integration tests in 
atlas-webapp module start failing saying "org.eclipse.jetty.utils: Multi 
exception".
We have upgraded the version of jetty-server to 9.4.x but atlas server fails to 
start and throws 503: service unavailable error.

The same thing is happening while upgrading versions of any other dependencies 
in atlas module. The application breaks for any other dependency which we are 
trying to upgrade. For example, Hadoop-hdfs uses Jackson-databind as transitive 
dependency, hence I am unable to update version.

I do not see any open issue on the github channel too.
Have you experienced any such scenario while upgrading earlier too?
Is there a way for me to move ahead to remove vulnerabilities in the current 
versions.


Regards,
Gaurav Saini

The information transmitted is intended only for the person or entity to which 
it is addressed
and may contain CONFIDENTIAL material.  If you receive this 
material/information in error,
please contact the sender and delete or destroy the material/information.

Humana Inc. and its subsidiaries comply with applicable Federal civil rights 
laws and
do not discriminate on the basis of race, color, national origin, ancestry, 
age, disability, sex,
marital status, gender, sexual orientation, gender identity, or religion. 
Humana Inc. and its subsidiaries do not
exclude people or treat them differently because of race, color, national 
origin, ancestry, age,
disability, sex, marital status, gender, sexual orientation, gender identity, 
or religion.

English: ATTENTION: If you do not speak English, language assistance services, 
free
of charge, are available to you. Call 1‐877‐320‐1235 (TTY: 711).

Español (Spanish): ATENCIÓN: Si habla español, tiene a su disposición servicios
gratuitos de asistencia lingüística. Llame al 1‐877‐320‐1235 (TTY: 711).

繁體中文(Chinese):注意:如果您使用繁體中文,您可以免費獲得語言援助
服務。請致電 1‐877‐320‐1235 (TTY: 711)。

Kreyòl Ayisyen (Haitian Creole): ATANSION: Si w pale Kreyòl Ayisyen, gen sèvis 
èd
pou lang ki disponib gratis pou ou. Rele 1‐877‐320‐1235 (TTY: 711).

Polski (Polish): UWAGA: Jeżeli mówisz po polsku, możesz skorzystać z bezpłatnej
pomocy językowej. Zadzwoń pod numer 1‐877‐320‐1235 (TTY: 711).

한국어 (Korean): 주의: 한국어를 사용하시는 경우, 언어 지원 서비스를 무료로
이용하실 수 있습니다. 1‐877‐320‐1235 (TTY: 711)번으로 전화해 주십시오.

Reply via email to