[
https://issues.apache.org/jira/browse/FLUME-3407?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Ralph Goers closed FLUME-3407.
------------------------------
> workaround for jackson-mapper-asl-1.9.13.jar @ flume-ng
> ---------------------------------------------------------
>
> Key: FLUME-3407
> URL: https://issues.apache.org/jira/browse/FLUME-3407
> Project: Flume
> Issue Type: Bug
> Components: Build
> Environment: java 11
> Reporter: alexander kravchik
> Priority: Critical
> Fix For: 1.10.0
>
>
> Dear colleagues,
> we are using log4j2 with flume-ng appender.
> The below vulnerabilities are found in the dependent
> jackson-mapper-asl-1.9.13.jar :
> cve-2019-10202
> cve-2019-10172
> Please advise if this will be fixed and planned ETA in case it is already
> fixed
> Thanks ,
> sasha
>
--
This message was sent by Atlassian Jira
(v8.20.1#820001)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
