[ https://issues.apache.org/jira/browse/NIFI-11120?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17682695#comment-17682695 ]
ASF subversion and git services commented on NIFI-11120: -------------------------------------------------------- Commit 5daf01e760b6b8603852dc3fa2589fad07725a7f in nifi's branch refs/heads/main from David Handermann [ https://gitbox.apache.org/repos/asf?p=nifi.git;h=5daf01e760 ] NIFI-11120 This closes #6912. Upgraded Zip4j from 2.11.2 to 2.11.3 Signed-off-by: Joe Witt <joew...@apache.org> > Upgrade Zip4j to 2.11.3 > ----------------------- > > Key: NIFI-11120 > URL: https://issues.apache.org/jira/browse/NIFI-11120 > Project: Apache NiFi > Issue Type: Improvement > Components: Extensions > Reporter: David Handermann > Assignee: David Handermann > Priority: Minor > Labels: dependency-upgrade > Fix For: 1.20.0 > > Time Spent: 10m > Remaining Estimate: 0h > > Zip4j 2.11.3 includes a resolution for > [CVE-2023-22899|https://nvd.nist.gov/vuln/detail/CVE-2023-22899], which > relates to Message Authentication Code verification when decrypting encrypted > Zip files. -- This message was sent by Atlassian Jira (v8.20.10#820010)