[ https://issues.apache.org/jira/browse/NIFI-11640?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17729376#comment-17729376 ]
ASF subversion and git services commented on NIFI-11640: -------------------------------------------------------- Commit 0cd511f1aa1074e002fad8cccce96f8ca25971db in nifi's branch refs/heads/main from siddr [ https://gitbox.apache.org/repos/asf?p=nifi.git;h=0cd511f1aa ] NIFI-11640 Upgraded download-maven-plugin from 1.2.1 to 1.6.8 This closes #7337 Signed-off-by: David Handermann <exceptionfact...@apache.org> > Update download-maven-plugin to 1.6.8 for Registry > -------------------------------------------------- > > Key: NIFI-11640 > URL: https://issues.apache.org/jira/browse/NIFI-11640 > Project: Apache NiFi > Issue Type: Improvement > Components: NiFi Registry, Tools and Build > Reporter: Siddharth R > Assignee: Siddharth R > Priority: Minor > Labels: dependency-upgrade > Fix For: 1.latest, 2.latest > > Time Spent: 50m > Remaining Estimate: 0h > > Bump download-maven-plugin to 1.7.0 to remediate multiple CVEs: > [https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29425] > [https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13956] > [https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1002200] > > -- This message was sent by Atlassian Jira (v8.20.10#820010)