[GitHub] [nifi] rmarturano commented on issue #4079: NIFI-7192 - nifi.sh install not working on systemd servers
rmarturano commented on issue #4079: NIFI-7192 - nifi.sh install not working on systemd servers URL: https://github.com/apache/nifi/pull/4079#issuecomment-593266251 @pvillard31 / @alopresto can you please take a look on this? This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: us...@infra.apache.org With regards, Apache Git Services
[GitHub] [nifi] KuKuDeCheng commented on a change in pull request #3893: NIFI-6878: Added 'Use statement.type Attribute' to ConvertJSONToSQL
KuKuDeCheng commented on a change in pull request #3893: NIFI-6878: Added 'Use
statement.type Attribute' to ConvertJSONToSQL
URL: https://github.com/apache/nifi/pull/3893#discussion_r386192688
##
File path:
nifi-nar-bundles/nifi-standard-bundle/nifi-standard-processors/src/main/java/org/apache/nifi/processors/standard/ConvertJSONToSQL.java
##
@@ -380,6 +383,10 @@ public void process(final InputStream in) throws
IOException {
tableNameBuilder.append(tableName);
final String fqTableName = tableNameBuilder.toString();
+if (USE_ATTR_TYPE.equals(statementType)) {
Review comment:
If the property of `Statement Type` is ser to 'Use statement.type
Attribute', we get the type of SQL statement from the incoming flowfile
attribute
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
us...@infra.apache.org
With regards,
Apache Git Services
[jira] [Closed] (NIFI-6878) ConvertJSONToSQL Improvement. Statement Type Support "Use statement.type Attribute" or Supports Expression Language
[ https://issues.apache.org/jira/browse/NIFI-6878?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] ZhangCheng closed NIFI-6878. > ConvertJSONToSQL Improvement. Statement Type Support "Use statement.type > Attribute" or Supports Expression Language > - > > Key: NIFI-6878 > URL: https://issues.apache.org/jira/browse/NIFI-6878 > Project: Apache NiFi > Issue Type: Improvement > Components: Extensions >Reporter: ZhangCheng >Assignee: Matt Burgess >Priority: Minor > Time Spent: 20m > Remaining Estimate: 0h > > ConvertJSONToSQL Statement Type provides fixed options : > UPDATE,INSERT,DELETE. > Usually, it can meet our needs. But in actual application,I think It's not > flexible enough. > In some cases, we need to dynamically indicate the Statement Type. > For example,the data from CpatureChangeMysql owns the attribute of > statement type(cdc.event.type, we need to convert the data to sql(DML) > orderly; And we now have to use RouteOnAttribute to transfer data to three > branches , Build SQL statement separately ,finally,we have to use > EnforceOrder to ensure the order of SQL statements. > But it will be easy if ConvertJSONToSQL supports dynamical Statement Type . > It is easy to implement this feature just like PutDatabaseRecord. > In practice, I did use PutDatabaseRecord instead of ConvertJSONToSQL. -- This message was sent by Atlassian Jira (v8.3.4#803005)
[jira] [Updated] (NIFI-6878) ConvertJSONToSQL Improvement. Statement Type Support "Use statement.type Attribute" or Supports Expression Language
[ https://issues.apache.org/jira/browse/NIFI-6878?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] ZhangCheng updated NIFI-6878: - Status: Resolved (was: Closed) > ConvertJSONToSQL Improvement. Statement Type Support "Use statement.type > Attribute" or Supports Expression Language > - > > Key: NIFI-6878 > URL: https://issues.apache.org/jira/browse/NIFI-6878 > Project: Apache NiFi > Issue Type: Improvement > Components: Extensions >Reporter: ZhangCheng >Assignee: Matt Burgess >Priority: Minor > Time Spent: 20m > Remaining Estimate: 0h > > ConvertJSONToSQL Statement Type provides fixed options : > UPDATE,INSERT,DELETE. > Usually, it can meet our needs. But in actual application,I think It's not > flexible enough. > In some cases, we need to dynamically indicate the Statement Type. > For example,the data from CpatureChangeMysql owns the attribute of > statement type(cdc.event.type, we need to convert the data to sql(DML) > orderly; And we now have to use RouteOnAttribute to transfer data to three > branches , Build SQL statement separately ,finally,we have to use > EnforceOrder to ensure the order of SQL statements. > But it will be easy if ConvertJSONToSQL supports dynamical Statement Type . > It is easy to implement this feature just like PutDatabaseRecord. > In practice, I did use PutDatabaseRecord instead of ConvertJSONToSQL. -- This message was sent by Atlassian Jira (v8.3.4#803005)
[jira] [Updated] (NIFI-7024) Add kerberos password property to NiFi HBase components
[ https://issues.apache.org/jira/browse/NIFI-7024?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Jeff Storck updated NIFI-7024: -- Status: Patch Available (was: In Progress) > Add kerberos password property to NiFi HBase components > --- > > Key: NIFI-7024 > URL: https://issues.apache.org/jira/browse/NIFI-7024 > Project: Apache NiFi > Issue Type: Sub-task > Components: Extensions >Reporter: Jeff Storck >Assignee: Jeff Storck >Priority: Major > Time Spent: 10m > Remaining Estimate: 0h > > In addition to the principal/keytab and KerberosCredentialsService options > for accessing kerberized services from NiFi HBase components, a password > field should be added. > Components should validate that only one set of options should be configured: > * principal and keytab > * principal and password > * KerberosCredentialsService > The components that will be affected by this change: > * HBase_1_1_2_ClientService > * HBase_2_ClientService -- This message was sent by Atlassian Jira (v8.3.4#803005)
[GitHub] [nifi] jtstorck opened a new pull request #4103: NIFI-7024: Add Kerberos Password support to HBase components
jtstorck opened a new pull request #4103: NIFI-7024: Add Kerberos Password
support to HBase components
URL: https://github.com/apache/nifi/pull/4103
Thank you for submitting a contribution to Apache NiFi.
Please provide a short description of the PR here:
Description of PR
_Add Kerberos Password support to HBase components._
In order to streamline the review of the contribution we ask you
to ensure the following steps have been taken:
### For all changes:
- [x] Is there a JIRA ticket associated with this PR? Is it referenced
in the commit message?
- [x] Does your PR title start with **NIFI-** where is the JIRA
number you are trying to resolve? Pay particular attention to the hyphen "-"
character.
- [x] Has your PR been rebased against the latest commit within the target
branch (typically `master`)?
- [x] Is your initial contribution a single, squashed commit? _Additional
commits in response to PR reviewer feedback should be made on this branch and
pushed to allow change tracking. Do not `squash` or use `--force` when pushing
to allow for clean monitoring of changes._
### For code changes:
- [x] Have you ensured that the full suite of tests is executed via `mvn
-Pcontrib-check clean install` at the root `nifi` folder?
- [x] Have you written or updated unit tests to verify your changes?
- [ ] Have you verified that the full build is successful on both JDK 8 and
JDK 11?
- [ ] If adding new dependencies to the code, are these dependencies
licensed in a way that is compatible for inclusion under [ASF
2.0](http://www.apache.org/legal/resolved.html#category-a)?
- [ ] If applicable, have you updated the `LICENSE` file, including the main
`LICENSE` file under `nifi-assembly`?
- [ ] If applicable, have you updated the `NOTICE` file, including the main
`NOTICE` file found under `nifi-assembly`?
- [x] If adding new Properties, have you added `.displayName` in addition to
.name (programmatic access) for each of the new properties?
### For documentation related changes:
- [ ] Have you ensured that format looks appropriate for the output in which
it is rendered?
### Note:
Please ensure that once the PR is submitted, you check travis-ci for build
issues and submit an update to your PR as soon as possible.
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
us...@infra.apache.org
With regards,
Apache Git Services
[jira] [Assigned] (NIFI-7024) Add kerberos password property to NiFi HBase components
[ https://issues.apache.org/jira/browse/NIFI-7024?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Jeff Storck reassigned NIFI-7024: - Assignee: Jeff Storck > Add kerberos password property to NiFi HBase components > --- > > Key: NIFI-7024 > URL: https://issues.apache.org/jira/browse/NIFI-7024 > Project: Apache NiFi > Issue Type: Sub-task > Components: Extensions >Reporter: Jeff Storck >Assignee: Jeff Storck >Priority: Major > > In addition to the principal/keytab and KerberosCredentialsService options > for accessing kerberized services from NiFi HBase components, a password > field should be added. > Components should validate that only one set of options should be configured: > * principal and keytab > * principal and password > * KerberosCredentialsService > The components that will be affected by this change: > * HBase_1_1_2_ClientService > * HBase_2_ClientService -- This message was sent by Atlassian Jira (v8.3.4#803005)
[jira] [Updated] (NIFI-7025) Add kerberos password property to NiFi Hive components
[ https://issues.apache.org/jira/browse/NIFI-7025?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Jeff Storck updated NIFI-7025: -- Status: Patch Available (was: In Progress) > Add kerberos password property to NiFi Hive components > -- > > Key: NIFI-7025 > URL: https://issues.apache.org/jira/browse/NIFI-7025 > Project: Apache NiFi > Issue Type: Sub-task > Components: Extensions >Reporter: Jeff Storck >Assignee: Jeff Storck >Priority: Major > Time Spent: 40m > Remaining Estimate: 0h > > In addition to the principal/keytab and KerberosCredentialsService options > for accessing kerberized services from NiFi Hive components, a password field > should be added. > Components should validate that only one set of options should be configured: > * principal and keytab > * principal and password > * KerberosCredentialsService > The components that will be affected by this change: > * Hive3ConnectionPool > * Hive_1_1ConnectionPool > * HiveConnectionPool > * PutHive3Streaming > * PutHiveStreaming -- This message was sent by Atlassian Jira (v8.3.4#803005)
[jira] [Commented] (NIFI-7213) Review CVE listing against dependencies to determine if CVE is relevant
[ https://issues.apache.org/jira/browse/NIFI-7213?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17048598#comment-17048598 ] Joe Witt commented on NIFI-7213: This kind of scripted JIRA is not only unhelpful it is counter productive and it violates ours and the ASF security reporting processes. A library having a reported CVE doesnt mean it is unsafe for all uses. It takes real effort and understanding to review these and this does occur. > Review CVE listing against dependencies to determine if CVE is relevant > --- > > Key: NIFI-7213 > URL: https://issues.apache.org/jira/browse/NIFI-7213 > Project: Apache NiFi > Issue Type: Bug >Reporter: XuCongying >Priority: Major > > > Vulnerable Library Version: org.apache.derby : derby : 10.11.1.1 > CVE ID: > [CVE-2015-1832](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1832) > Import Path: > nifi-nar-bundles/nifi-standard-bundle/nifi-standard-processors/pom.xml, > nifi-nar-bundles/nifi-standard-services/nifi-lookup-services-bundle/nifi-lookup-services/pom.xml, > > nifi-nar-bundles/nifi-standard-services/nifi-dbcp-service-bundle/nifi-dbcp-service/pom.xml, > nifi-nar-bundles/nifi-extension-utils/nifi-database-utils/pom.xml > Suggested Safe Versions: 10.12.1.1, 10.13.1.1, 10.14.1.0, 10.14.2.0, > 10.15.1.3 > Vulnerable Library Version: org.eclipse.paho : > org.eclipse.paho.client.mqttv3 : 1.2.0 > CVE ID: > [CVE-2019-11777](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11777) > Import Path: nifi-nar-bundles/nifi-mqtt-bundle/nifi-mqtt-processors/pom.xml > Suggested Safe Versions: 1.2.1, 1.2.2 > Vulnerable Library Version: com.google.guava : guava : 18.0 > CVE ID: > [CVE-2018-10237](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10237) > Import Path: > nifi-nar-bundles/nifi-graph-bundle/nifi-graph-processors/pom.xml > Suggested Safe Versions: 24.1.1-android, 24.1.1-jre, 25.0-android, > 25.0-jre, 25.1-android, 25.1-jre, 26.0-android, 26.0-jre, 27.0-android, > 27.0-jre, 27.0.1-android, 27.0.1-jre, 27.1-android, 27.1-jre, 28.0-android, > 28.0-jre, 28.1-android, 28.1-jre, 28.2-android, 28.2-jre > Vulnerable Library Version: org.apache.ignite : ignite-spring : 1.6.0 > CVE ID: > [CVE-2017-7686](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7686) > Import Path: > nifi-nar-bundles/nifi-ignite-bundle/nifi-ignite-processors/pom.xml > Suggested Safe Versions: 2.1.0, 2.2.0, 2.3.0, 2.4.0, 2.5.0, 2.6.0, 2.7.0, > 2.7.5, 2.7.6 > Vulnerable Library Version: org.apache.kafka : kafka_2.11 : 0.11.0.3 > CVE ID: > [CVE-2019-17196](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17196) > Import Path: > nifi-nar-bundles/nifi-kafka-bundle/nifi-kafka-0-11-processors/pom.xml > Suggested Safe Versions: 2.1.1, 2.2.0, 2.2.1, 2.2.2, 2.3.0, 2.3.1, 2.4.0 > Vulnerable Library Version: org.apache.kafka : kafka_2.11 : 1.0.2 > CVE ID: > [CVE-2019-17196](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17196) > Import Path: > nifi-nar-bundles/nifi-kafka-bundle/nifi-kafka-1-0-processors/pom.xml > Suggested Safe Versions: 2.1.1, 2.2.0, 2.2.1, 2.2.2, 2.3.0, 2.3.1, 2.4.0 > Vulnerable Library Version: org.apache.kafka : kafka_2.11 : 2.0.0 > CVE ID: > [CVE-2019-17196](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17196) > Import Path: > nifi-nar-bundles/nifi-kafka-bundle/nifi-kafka-2-0-processors/pom.xml > Suggested Safe Versions: 2.1.1, 2.2.0, 2.2.1, 2.2.2, 2.3.0, 2.3.1, 2.4.0 > Vulnerable Library Version: org.apache.hive : hive-jdbc : 1.2.1 > CVE ID: > [CVE-2016-3083](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3083), > > [CVE-2015-7521](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7521), > [CVE-2018-1282](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1282) > Import Path: nifi-nar-bundles/nifi-hive-bundle/nifi-hive-processors/pom.xml > Suggested Safe Versions: 2.3.3, 2.3.4, 2.3.5, 2.3.6, 3.0.0, 3.1.0, 3.1.1, > 3.1.2 > Vulnerable Library Version: org.apache.hive : hive-jdbc : 1.1.1 > CVE ID: > [CVE-2016-3083](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3083), > > [CVE-2015-7521](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7521), > [CVE-2018-1282](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1282) > Import Path: > nifi-nar-bundles/nifi-hive-bundle/nifi-hive_1_1-processors/pom.xml > Suggested Safe Versions: 2.3.3, 2.3.4, 2.3.5, 2.3.6, 3.0.0, 3.1.0, 3.1.1, > 3.1.2 > Vulnerable Library Version: com.squareup.okhttp3 : okhttp : 3.10.0 > CVE ID: > [CVE-2018-20200](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20200) > Import Path: > nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-framework-cluster/pom.xml, > > nifi-nar-bundles/nifi-stand
[jira] [Updated] (NIFI-7213) Review CVE listing against dependencies to determine if CVE is relevant
[ https://issues.apache.org/jira/browse/NIFI-7213?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Joe Witt updated NIFI-7213: --- Summary: Review CVE listing against dependencies to determine if CVE is relevant (was: Some CVEs in dependencies are threatening your project!) > Review CVE listing against dependencies to determine if CVE is relevant > --- > > Key: NIFI-7213 > URL: https://issues.apache.org/jira/browse/NIFI-7213 > Project: Apache NiFi > Issue Type: Bug >Reporter: XuCongying >Priority: Major > > Your project is at risk due to the use of vulnerable dependencies. I suggest > updating their versions to increase the security of your project. See below > for more details: > > Vulnerable Library Version: org.apache.derby : derby : 10.11.1.1 > CVE ID: > [CVE-2015-1832](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1832) > Import Path: > nifi-nar-bundles/nifi-standard-bundle/nifi-standard-processors/pom.xml, > nifi-nar-bundles/nifi-standard-services/nifi-lookup-services-bundle/nifi-lookup-services/pom.xml, > > nifi-nar-bundles/nifi-standard-services/nifi-dbcp-service-bundle/nifi-dbcp-service/pom.xml, > nifi-nar-bundles/nifi-extension-utils/nifi-database-utils/pom.xml > Suggested Safe Versions: 10.12.1.1, 10.13.1.1, 10.14.1.0, 10.14.2.0, > 10.15.1.3 > Vulnerable Library Version: org.eclipse.paho : > org.eclipse.paho.client.mqttv3 : 1.2.0 > CVE ID: > [CVE-2019-11777](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11777) > Import Path: nifi-nar-bundles/nifi-mqtt-bundle/nifi-mqtt-processors/pom.xml > Suggested Safe Versions: 1.2.1, 1.2.2 > Vulnerable Library Version: com.google.guava : guava : 18.0 > CVE ID: > [CVE-2018-10237](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10237) > Import Path: > nifi-nar-bundles/nifi-graph-bundle/nifi-graph-processors/pom.xml > Suggested Safe Versions: 24.1.1-android, 24.1.1-jre, 25.0-android, > 25.0-jre, 25.1-android, 25.1-jre, 26.0-android, 26.0-jre, 27.0-android, > 27.0-jre, 27.0.1-android, 27.0.1-jre, 27.1-android, 27.1-jre, 28.0-android, > 28.0-jre, 28.1-android, 28.1-jre, 28.2-android, 28.2-jre > Vulnerable Library Version: org.apache.ignite : ignite-spring : 1.6.0 > CVE ID: > [CVE-2017-7686](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7686) > Import Path: > nifi-nar-bundles/nifi-ignite-bundle/nifi-ignite-processors/pom.xml > Suggested Safe Versions: 2.1.0, 2.2.0, 2.3.0, 2.4.0, 2.5.0, 2.6.0, 2.7.0, > 2.7.5, 2.7.6 > Vulnerable Library Version: org.apache.kafka : kafka_2.11 : 0.11.0.3 > CVE ID: > [CVE-2019-17196](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17196) > Import Path: > nifi-nar-bundles/nifi-kafka-bundle/nifi-kafka-0-11-processors/pom.xml > Suggested Safe Versions: 2.1.1, 2.2.0, 2.2.1, 2.2.2, 2.3.0, 2.3.1, 2.4.0 > Vulnerable Library Version: org.apache.kafka : kafka_2.11 : 1.0.2 > CVE ID: > [CVE-2019-17196](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17196) > Import Path: > nifi-nar-bundles/nifi-kafka-bundle/nifi-kafka-1-0-processors/pom.xml > Suggested Safe Versions: 2.1.1, 2.2.0, 2.2.1, 2.2.2, 2.3.0, 2.3.1, 2.4.0 > Vulnerable Library Version: org.apache.kafka : kafka_2.11 : 2.0.0 > CVE ID: > [CVE-2019-17196](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17196) > Import Path: > nifi-nar-bundles/nifi-kafka-bundle/nifi-kafka-2-0-processors/pom.xml > Suggested Safe Versions: 2.1.1, 2.2.0, 2.2.1, 2.2.2, 2.3.0, 2.3.1, 2.4.0 > Vulnerable Library Version: org.apache.hive : hive-jdbc : 1.2.1 > CVE ID: > [CVE-2016-3083](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3083), > > [CVE-2015-7521](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7521), > [CVE-2018-1282](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1282) > Import Path: nifi-nar-bundles/nifi-hive-bundle/nifi-hive-processors/pom.xml > Suggested Safe Versions: 2.3.3, 2.3.4, 2.3.5, 2.3.6, 3.0.0, 3.1.0, 3.1.1, > 3.1.2 > Vulnerable Library Version: org.apache.hive : hive-jdbc : 1.1.1 > CVE ID: > [CVE-2016-3083](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3083), > > [CVE-2015-7521](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7521), > [CVE-2018-1282](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1282) > Import Path: > nifi-nar-bundles/nifi-hive-bundle/nifi-hive_1_1-processors/pom.xml > Suggested Safe Versions: 2.3.3, 2.3.4, 2.3.5, 2.3.6, 3.0.0, 3.1.0, 3.1.1, > 3.1.2 > Vulnerable Library Version: com.squareup.okhttp3 : okhttp : 3.10.0 > CVE ID: > [CVE-2018-20200](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20200) > Import Path: > nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-framework-cluster/pom.xml, > > nifi-nar-bundles/nifi-standard-services/nifi
[jira] [Updated] (NIFI-7213) Review CVE listing against dependencies to determine if CVE is relevant
[ https://issues.apache.org/jira/browse/NIFI-7213?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Joe Witt updated NIFI-7213: --- Description: Vulnerable Library Version: org.apache.derby : derby : 10.11.1.1 CVE ID: [CVE-2015-1832](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1832) Import Path: nifi-nar-bundles/nifi-standard-bundle/nifi-standard-processors/pom.xml, nifi-nar-bundles/nifi-standard-services/nifi-lookup-services-bundle/nifi-lookup-services/pom.xml, nifi-nar-bundles/nifi-standard-services/nifi-dbcp-service-bundle/nifi-dbcp-service/pom.xml, nifi-nar-bundles/nifi-extension-utils/nifi-database-utils/pom.xml Suggested Safe Versions: 10.12.1.1, 10.13.1.1, 10.14.1.0, 10.14.2.0, 10.15.1.3 Vulnerable Library Version: org.eclipse.paho : org.eclipse.paho.client.mqttv3 : 1.2.0 CVE ID: [CVE-2019-11777](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11777) Import Path: nifi-nar-bundles/nifi-mqtt-bundle/nifi-mqtt-processors/pom.xml Suggested Safe Versions: 1.2.1, 1.2.2 Vulnerable Library Version: com.google.guava : guava : 18.0 CVE ID: [CVE-2018-10237](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10237) Import Path: nifi-nar-bundles/nifi-graph-bundle/nifi-graph-processors/pom.xml Suggested Safe Versions: 24.1.1-android, 24.1.1-jre, 25.0-android, 25.0-jre, 25.1-android, 25.1-jre, 26.0-android, 26.0-jre, 27.0-android, 27.0-jre, 27.0.1-android, 27.0.1-jre, 27.1-android, 27.1-jre, 28.0-android, 28.0-jre, 28.1-android, 28.1-jre, 28.2-android, 28.2-jre Vulnerable Library Version: org.apache.ignite : ignite-spring : 1.6.0 CVE ID: [CVE-2017-7686](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7686) Import Path: nifi-nar-bundles/nifi-ignite-bundle/nifi-ignite-processors/pom.xml Suggested Safe Versions: 2.1.0, 2.2.0, 2.3.0, 2.4.0, 2.5.0, 2.6.0, 2.7.0, 2.7.5, 2.7.6 Vulnerable Library Version: org.apache.kafka : kafka_2.11 : 0.11.0.3 CVE ID: [CVE-2019-17196](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17196) Import Path: nifi-nar-bundles/nifi-kafka-bundle/nifi-kafka-0-11-processors/pom.xml Suggested Safe Versions: 2.1.1, 2.2.0, 2.2.1, 2.2.2, 2.3.0, 2.3.1, 2.4.0 Vulnerable Library Version: org.apache.kafka : kafka_2.11 : 1.0.2 CVE ID: [CVE-2019-17196](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17196) Import Path: nifi-nar-bundles/nifi-kafka-bundle/nifi-kafka-1-0-processors/pom.xml Suggested Safe Versions: 2.1.1, 2.2.0, 2.2.1, 2.2.2, 2.3.0, 2.3.1, 2.4.0 Vulnerable Library Version: org.apache.kafka : kafka_2.11 : 2.0.0 CVE ID: [CVE-2019-17196](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17196) Import Path: nifi-nar-bundles/nifi-kafka-bundle/nifi-kafka-2-0-processors/pom.xml Suggested Safe Versions: 2.1.1, 2.2.0, 2.2.1, 2.2.2, 2.3.0, 2.3.1, 2.4.0 Vulnerable Library Version: org.apache.hive : hive-jdbc : 1.2.1 CVE ID: [CVE-2016-3083](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3083), [CVE-2015-7521](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7521), [CVE-2018-1282](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1282) Import Path: nifi-nar-bundles/nifi-hive-bundle/nifi-hive-processors/pom.xml Suggested Safe Versions: 2.3.3, 2.3.4, 2.3.5, 2.3.6, 3.0.0, 3.1.0, 3.1.1, 3.1.2 Vulnerable Library Version: org.apache.hive : hive-jdbc : 1.1.1 CVE ID: [CVE-2016-3083](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3083), [CVE-2015-7521](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7521), [CVE-2018-1282](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1282) Import Path: nifi-nar-bundles/nifi-hive-bundle/nifi-hive_1_1-processors/pom.xml Suggested Safe Versions: 2.3.3, 2.3.4, 2.3.5, 2.3.6, 3.0.0, 3.1.0, 3.1.1, 3.1.2 Vulnerable Library Version: com.squareup.okhttp3 : okhttp : 3.10.0 CVE ID: [CVE-2018-20200](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20200) Import Path: nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-framework-cluster/pom.xml, nifi-nar-bundles/nifi-standard-services/nifi-lookup-services-bundle/nifi-lookup-services/pom.xml Suggested Safe Versions: 3.12.1, 3.12.2, 3.12.3, 3.12.4, 3.12.5, 3.12.6, 3.12.7, 3.12.8, 3.13.0, 3.13.1, 3.14.0, 3.14.1, 3.14.2, 3.14.3, 3.14.4, 3.14.5, 3.14.6, 4.0.0, 4.0.0-RC1, 4.0.0-RC2, 4.0.0-RC3, 4.0.0-alpha01, 4.0.0-alpha02, 4.0.1, 4.1.0, 4.1.1, 4.2.0, 4.2.1, 4.2.2, 4.3.0, 4.3.1, 4.4.0 Vulnerable Library Version: com.squareup.okhttp3 : okhttp : 3.3.1 CVE ID: [CVE-2018-20200](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20200) Import Path: nifi-nar-bundles/nifi-elasticsearch-bundle/nifi-elasticsearch-processors/pom.xml Suggested Safe Versions: 3.12.1, 3.12.2, 3.12.3, 3.12.4, 3.12.5, 3.12.6, 3.12.7, 3.12.8, 3.13.0, 3.13.1, 3.14.0, 3.14.1, 3.14.2, 3.14.3, 3.14.4, 3.14.5, 3.14.6, 4.0.0, 4.0.0-RC1, 4.0.0-RC2, 4.0.0-RC3, 4.0.0-alpha01, 4.0.0-alpha02,
[jira] [Created] (NIFI-7213) Some CVEs in dependencies are threatening your project!
XuCongying created NIFI-7213: Summary: Some CVEs in dependencies are threatening your project! Key: NIFI-7213 URL: https://issues.apache.org/jira/browse/NIFI-7213 Project: Apache NiFi Issue Type: Bug Reporter: XuCongying Your project is at risk due to the use of vulnerable dependencies. I suggest updating their versions to increase the security of your project. See below for more details: Vulnerable Library Version: org.apache.derby : derby : 10.11.1.1 CVE ID: [CVE-2015-1832](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1832) Import Path: nifi-nar-bundles/nifi-standard-bundle/nifi-standard-processors/pom.xml, nifi-nar-bundles/nifi-standard-services/nifi-lookup-services-bundle/nifi-lookup-services/pom.xml, nifi-nar-bundles/nifi-standard-services/nifi-dbcp-service-bundle/nifi-dbcp-service/pom.xml, nifi-nar-bundles/nifi-extension-utils/nifi-database-utils/pom.xml Suggested Safe Versions: 10.12.1.1, 10.13.1.1, 10.14.1.0, 10.14.2.0, 10.15.1.3 Vulnerable Library Version: org.eclipse.paho : org.eclipse.paho.client.mqttv3 : 1.2.0 CVE ID: [CVE-2019-11777](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11777) Import Path: nifi-nar-bundles/nifi-mqtt-bundle/nifi-mqtt-processors/pom.xml Suggested Safe Versions: 1.2.1, 1.2.2 Vulnerable Library Version: com.google.guava : guava : 18.0 CVE ID: [CVE-2018-10237](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10237) Import Path: nifi-nar-bundles/nifi-graph-bundle/nifi-graph-processors/pom.xml Suggested Safe Versions: 24.1.1-android, 24.1.1-jre, 25.0-android, 25.0-jre, 25.1-android, 25.1-jre, 26.0-android, 26.0-jre, 27.0-android, 27.0-jre, 27.0.1-android, 27.0.1-jre, 27.1-android, 27.1-jre, 28.0-android, 28.0-jre, 28.1-android, 28.1-jre, 28.2-android, 28.2-jre Vulnerable Library Version: org.apache.ignite : ignite-spring : 1.6.0 CVE ID: [CVE-2017-7686](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7686) Import Path: nifi-nar-bundles/nifi-ignite-bundle/nifi-ignite-processors/pom.xml Suggested Safe Versions: 2.1.0, 2.2.0, 2.3.0, 2.4.0, 2.5.0, 2.6.0, 2.7.0, 2.7.5, 2.7.6 Vulnerable Library Version: org.apache.kafka : kafka_2.11 : 0.11.0.3 CVE ID: [CVE-2019-17196](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17196) Import Path: nifi-nar-bundles/nifi-kafka-bundle/nifi-kafka-0-11-processors/pom.xml Suggested Safe Versions: 2.1.1, 2.2.0, 2.2.1, 2.2.2, 2.3.0, 2.3.1, 2.4.0 Vulnerable Library Version: org.apache.kafka : kafka_2.11 : 1.0.2 CVE ID: [CVE-2019-17196](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17196) Import Path: nifi-nar-bundles/nifi-kafka-bundle/nifi-kafka-1-0-processors/pom.xml Suggested Safe Versions: 2.1.1, 2.2.0, 2.2.1, 2.2.2, 2.3.0, 2.3.1, 2.4.0 Vulnerable Library Version: org.apache.kafka : kafka_2.11 : 2.0.0 CVE ID: [CVE-2019-17196](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17196) Import Path: nifi-nar-bundles/nifi-kafka-bundle/nifi-kafka-2-0-processors/pom.xml Suggested Safe Versions: 2.1.1, 2.2.0, 2.2.1, 2.2.2, 2.3.0, 2.3.1, 2.4.0 Vulnerable Library Version: org.apache.hive : hive-jdbc : 1.2.1 CVE ID: [CVE-2016-3083](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3083), [CVE-2015-7521](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7521), [CVE-2018-1282](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1282) Import Path: nifi-nar-bundles/nifi-hive-bundle/nifi-hive-processors/pom.xml Suggested Safe Versions: 2.3.3, 2.3.4, 2.3.5, 2.3.6, 3.0.0, 3.1.0, 3.1.1, 3.1.2 Vulnerable Library Version: org.apache.hive : hive-jdbc : 1.1.1 CVE ID: [CVE-2016-3083](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3083), [CVE-2015-7521](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7521), [CVE-2018-1282](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1282) Import Path: nifi-nar-bundles/nifi-hive-bundle/nifi-hive_1_1-processors/pom.xml Suggested Safe Versions: 2.3.3, 2.3.4, 2.3.5, 2.3.6, 3.0.0, 3.1.0, 3.1.1, 3.1.2 Vulnerable Library Version: com.squareup.okhttp3 : okhttp : 3.10.0 CVE ID: [CVE-2018-20200](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20200) Import Path: nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-framework-cluster/pom.xml, nifi-nar-bundles/nifi-standard-services/nifi-lookup-services-bundle/nifi-lookup-services/pom.xml Suggested Safe Versions: 3.12.1, 3.12.2, 3.12.3, 3.12.4, 3.12.5, 3.12.6, 3.12.7, 3.12.8, 3.13.0, 3.13.1, 3.14.0, 3.14.1, 3.14.2, 3.14.3, 3.14.4, 3.14.5, 3.14.6, 4.0.0, 4.0.0-RC1, 4.0.0-RC2, 4.0.0-RC3, 4.0.0-alpha01, 4.0.0-alpha02, 4.0.1, 4.1.0, 4.1.1, 4.2.0, 4.2.1, 4.2.2, 4.3.0, 4.3.1, 4.4.0 Vulnerable Library Version: com.squareup.okhttp3 : okhttp : 3.3.1 CVE ID: [CVE-2018-20200](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20200) Import Path: nifi-nar
