David Handermann created NIFI-8538:
--------------------------------------
Summary: Upgrade Apache Commons IO to 2.8.0
Key: NIFI-8538
URL: https://issues.apache.org/jira/browse/NIFI-8538
Project: Apache NiFi
Issue Type: Improvement
Components: Core Framework
Affects Versions: 1.13.2
Reporter: David Handermann
Assignee: David Handermann
Apache Commons IO version 2.7 and below are vulnerable to
[CVE-2021-29425|https://nvd.nist.gov/vuln/detail/CVE-2021-29425]. Although
NiFi does not appear to have any direct calls to {{FileNameUtils.normalize()}},
numerous libraries leverage Commons IO. Upgrading to version 2.8.0 addresses
this issue and also includes a number of other minor bug fixes.
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
