[
https://issues.apache.org/jira/browse/RANGER-4939?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17921224#comment-17921224
]
Abhishek Kumar commented on RANGER-4939:
----------------------------------------
Please update the Priority to Blocker if this needs addressed in the 2.6.0
release, the ranger-2.6 branch will be in locked mode after Jan-29. thanks.
> Upgrade Elasticsearch version to 7.17.24
> ----------------------------------------
>
> Key: RANGER-4939
> URL: https://issues.apache.org/jira/browse/RANGER-4939
> Project: Ranger
> Issue Type: Improvement
> Components: audit
> Affects Versions: 2.5.0
> Reporter: FerArribas
> Assignee: FerArribas
> Priority: Major
> Labels: security
> Fix For: 3.0.0, 2.5.0, 2.6.0
>
> Attachments:
> 0001-RANGER-4939-Upgrade-Elasticsearch-version-to-7.17.24.patch
>
> Original Estimate: 336h
> Time Spent: 40m
> Remaining Estimate: 335h 20m
>
> Elasticsearch version 7.10.2 is affected by a high vulnerability
> CVE-2023-31418. You must upgrade to version 7.17.22 to fix this
> vulnerability.
> For the moment, it is not easy to upgrade to a more current version than
> 7.17.22 since the Elastic API is not backwards compatible and changes the
> implementation a lot.
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
