[ https://issues.apache.org/jira/browse/DRILL-7946?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Laurent Goujon resolved DRILL-7946. ----------------------------------- Resolution: Fixed > Bump HttpClient from 4.5.12 to 4.5.13 for CVE-2020-13956 > -------------------------------------------------------- > > Key: DRILL-7946 > URL: https://issues.apache.org/jira/browse/DRILL-7946 > Project: Apache Drill > Issue Type: Improvement > Reporter: Cong Luo > Assignee: Cong Luo > Priority: Major > Fix For: 1.19.0 > > > Apache HttpClient versions prior to version 4.5.13 and 5.0.3 can misinterpret > malformed authority component in request URIs passed to the library as > java.net.URI object and pick the wrong target host for request execution. -- This message was sent by Atlassian Jira (v8.3.4#803005)