[jira] [Commented] (RANGER-5091) Bump dnsjava to 3.6.2 due to cve-2024-25638

Abhishek Kumar (Jira) Sat, 18 Jan 2025 23:39:30 -0800


    [ 
https://issues.apache.org/jira/browse/RANGER-5091?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17914423#comment-17914423
 ]


Abhishek Kumar commented on RANGER-5091:
----------------------------------------

Merged in [ranger-2.6|https://github.com/apache/ranger/commit/02ee575]

> Bump dnsjava to 3.6.2 due to cve-2024-25638
> -------------------------------------------
>
>                 Key: RANGER-5091
>                 URL: https://issues.apache.org/jira/browse/RANGER-5091
>             Project: Ranger
>          Issue Type: Improvement
>          Components: plugins, Ranger
>    Affects Versions: 2.5.0
>            Reporter: Basapuram Kumar
>            Assignee: Basapuram Kumar
>            Priority: Major
>             Fix For: 3.0.0
>
>          Time Spent: 20m
>  Remaining Estimate: 0h
>
> Bump *dnsjava* to *3.6.2* due to cve-2024-25638
> cve-2024-25638 reference 
> [https://nvd.nist.gov/vuln/detail/cve-2024-25638]
> As per the above CVE, its fixed in >=3.6.0 onwards. Hence suggesting it to  
> latest version 3.6.2.



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

[jira] [Commented] (RANGER-5091) Bump dnsjava to 3.6.2 due to cve-2024-25638

Reply via email to