[jira] [Closed] (FLINK-23438) Bump httpclient from 4.5.3 and 4.5.9 to 4.5.13

Chesnay Schepler (Jira) Mon, 26 Jul 2021 23:59:25 -0700


     [ 
https://issues.apache.org/jira/browse/FLINK-23438?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]


Chesnay Schepler closed FLINK-23438.
------------------------------------
    Fix Version/s: 1.14.0
       Resolution: Fixed

master: 75ff1040b367346ccc12021685bc8ca713d3eafa

> Bump httpclient from 4.5.3 and 4.5.9 to 4.5.13
> ----------------------------------------------
>
>                 Key: FLINK-23438
>                 URL: https://issues.apache.org/jira/browse/FLINK-23438
>             Project: Flink
>          Issue Type: Improvement
>            Reporter: Martijn Visser
>            Assignee: Martijn Visser
>            Priority: Minor
>              Labels: pull-request-available
>             Fix For: 1.14.0
>
>
> Flink is still using org.apache.httpcomponents.httpclient:4.5.3 and 
> org.apache.httpcomponents.httpclient:4.5.9. Those versions are impacted by 
> CVE-2020-13956 (though Flink is not impacted by it). The latest available 
> version is 4.5.13



--
This message was sent by Atlassian Jira
(v8.3.4#803005)

[jira] [Closed] (FLINK-23438) Bump httpclient from 4.5.3 and 4.5.9 to 4.5.13

Reply via email to