date:20191210

[jira] [Comment Edited] (STORM-3553) Upgrade JQuery to 3.4.x

2019-12-10 Thread Franco Luong (Jira)



[ 
https://issues.apache.org/jira/browse/STORM-3553?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16992692#comment-16992692
 ] 

Franco Luong edited comment on STORM-3553 at 12/10/19 5:00 PM:
---

[Supporting materials:|https://www.tenable.com/plugins/nessus/124719]
 * [https://www.tenable.com/plugins/nessus/124719]
 * [https://blog.jquery.com/2019/04/10/jquery-3-4-0-released/]
 * https://snyk.io/vuln/npm:jquery
 * [https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11358]


was (Author: sfdcfranco):
[Supporting materials:|https://www.tenable.com/plugins/nessus/124719]
 * [https://www.tenable.com/plugins/nessus/124719]
 * [https://blog.jquery.com/2019/04/10/jquery-3-4-0-released/]
 * [https://snyk.io/vuln/npm:jquery
]
 * [https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11358]

> Upgrade JQuery to 3.4.x
> ---
>
> Key: STORM-3553
> URL: https://issues.apache.org/jira/browse/STORM-3553
> Project: Apache Storm
>  Issue Type: Bug
>  Components: storm-core
>Affects Versions: 2.0.0, 1.2.3, 2.1.0
>Reporter: Ahmed Mahfouz
>Priority: Major
>
> JQuery < 3.4.0 has some security issues ([https://snyk.io/vuln/npm:jquery)]
>  JQuery 1.11.1 that currently being used is having this security issue:
>  - Prototype Pollution



--
This message was sent by Atlassian Jira
(v8.3.4#803005)

[jira] [Comment Edited] (STORM-3553) Upgrade JQuery to 3.4.x

2019-12-10 Thread Franco Luong (Jira)



[ 
https://issues.apache.org/jira/browse/STORM-3553?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16992692#comment-16992692
 ] 

Franco Luong edited comment on STORM-3553 at 12/10/19 4:17 PM:
---

[Supporting materials:|https://www.tenable.com/plugins/nessus/124719]
 * [https://www.tenable.com/plugins/nessus/124719]
 * [https://blog.jquery.com/2019/04/10/jquery-3-4-0-released/]
 * [https://snyk.io/vuln/npm:jquery
]
 * [https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11358]


was (Author: sfdcfranco):
[Supporting materials:|https://www.tenable.com/plugins/nessus/124719]
 * [https://www.tenable.com/plugins/nessus/124719]
 * [https://blog.jquery.com/2019/04/10/jquery-3-4-0-released/]
 * [https://snyk.io/vuln/npm:jquery]

> Upgrade JQuery to 3.4.x
> ---
>
> Key: STORM-3553
> URL: https://issues.apache.org/jira/browse/STORM-3553
> Project: Apache Storm
>  Issue Type: Bug
>  Components: storm-core
>Affects Versions: 2.0.0, 1.2.3, 2.1.0
>Reporter: Ahmed Mahfouz
>Priority: Major
>
> JQuery < 3.4.0 has some security issues ([https://snyk.io/vuln/npm:jquery)]
>  JQuery 1.11.1 that currently being used is having this security issue:
>  - Prototype Pollution



--
This message was sent by Atlassian Jira
(v8.3.4#803005)

[jira] [Comment Edited] (STORM-3553) Upgrade JQuery to 3.4.x

2019-12-10 Thread Franco Luong (Jira)



[ 
https://issues.apache.org/jira/browse/STORM-3553?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16992692#comment-16992692
 ] 

Franco Luong edited comment on STORM-3553 at 12/10/19 4:15 PM:
---

[Supporting materials:|https://www.tenable.com/plugins/nessus/124719]
 * [https://www.tenable.com/plugins/nessus/124719]
 * [https://blog.jquery.com/2019/04/10/jquery-3-4-0-released/]
 * [https://snyk.io/vuln/npm:jquery]


was (Author: sfdcfranco):
[Supporting materials:|https://www.tenable.com/plugins/nessus/124719]
 * [https://www.tenable.com/plugins/nessus/124719]
 * [https://blog.jquery.com/2019/04/10/jquery-3-4-0-released/]

> Upgrade JQuery to 3.4.x
> ---
>
> Key: STORM-3553
> URL: https://issues.apache.org/jira/browse/STORM-3553
> Project: Apache Storm
>  Issue Type: Bug
>  Components: storm-core
>Affects Versions: 2.0.0, 1.2.3, 2.1.0
>Reporter: Ahmed Mahfouz
>Priority: Major
>
> JQuery < 3.4.0 has some security issues ([https://snyk.io/vuln/npm:jquery)]
>  JQuery 1.11.1 that currently being used is having this security issue:
>  - Prototype Pollution



--
This message was sent by Atlassian Jira
(v8.3.4#803005)

[jira] [Commented] (STORM-3553) Upgrade JQuery to 3.4.x

2019-12-10 Thread Franco Luong (Jira)



[ 
https://issues.apache.org/jira/browse/STORM-3553?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16992692#comment-16992692
 ] 

Franco Luong commented on STORM-3553:
-

[Supporting materials:|https://www.tenable.com/plugins/nessus/124719]
 * [https://www.tenable.com/plugins/nessus/124719]
 * [https://blog.jquery.com/2019/04/10/jquery-3-4-0-released/]

> Upgrade JQuery to 3.4.x
> ---
>
> Key: STORM-3553
> URL: https://issues.apache.org/jira/browse/STORM-3553
> Project: Apache Storm
>  Issue Type: Bug
>  Components: storm-core
>Affects Versions: 2.0.0, 1.2.3, 2.1.0
>Reporter: Ahmed Mahfouz
>Priority: Major
>
> JQuery < 3.4.0 has some security issues ([https://snyk.io/vuln/npm:jquery)]
>  JQuery 1.11.1 that currently being used is having this security issue:
>  - Prototype Pollution



--
This message was sent by Atlassian Jira
(v8.3.4#803005)

[jira] [Updated] (STORM-3553) Upgrade JQuery to 3.4.x

2019-12-10 Thread Ahmed Mahfouz (Jira)



 [ 
https://issues.apache.org/jira/browse/STORM-3553?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Ahmed Mahfouz updated STORM-3553:
-
Description: 
JQuery < 3.4.0 has some security issues ([https://snyk.io/vuln/npm:jquery)]

 JQuery 1.11.1 that currently being used is having this security issue:
 - Prototype Pollution

  was:
JQuery < 3.4.0 has two security issues ([https://snyk.io/vuln/npm:jquery)] :

 

- Cross-site Scripting (XSS)
- Prototype Pollution


> Upgrade JQuery to 3.4.x
> ---
>
> Key: STORM-3553
> URL: https://issues.apache.org/jira/browse/STORM-3553
> Project: Apache Storm
>  Issue Type: Bug
>  Components: storm-core
>Affects Versions: 2.0.0, 1.2.3, 2.1.0
>Reporter: Ahmed Mahfouz
>Priority: Major
>
> JQuery < 3.4.0 has some security issues ([https://snyk.io/vuln/npm:jquery)]
>  JQuery 1.11.1 that currently being used is having this security issue:
>  - Prototype Pollution



--
This message was sent by Atlassian Jira
(v8.3.4#803005)

[jira] [Created] (STORM-3553) Upgrade JQuery to 3.4.x

2019-12-10 Thread Ahmed Mahfouz (Jira)

Ahmed Mahfouz created STORM-3553:


 Summary: Upgrade JQuery to 3.4.x
 Key: STORM-3553
 URL: https://issues.apache.org/jira/browse/STORM-3553
 Project: Apache Storm
  Issue Type: Bug
  Components: storm-core
Affects Versions: 2.1.0, 1.2.3, 2.0.0
Reporter: Ahmed Mahfouz


JQuery < 3.4.0 has two security issues ([https://snyk.io/vuln/npm:jquery)] :

 

- Cross-site Scripting (XSS)
- Prototype Pollution



--
This message was sent by Atlassian Jira
(v8.3.4#803005)

[jira] [Updated] (STORM-3552) Storm CLI set_log_level no longer updates the log level

2019-12-10 Thread ASF GitHub Bot (Jira)



 [ 
https://issues.apache.org/jira/browse/STORM-3552?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

ASF GitHub Bot updated STORM-3552:
--
Labels: pull-request-available  (was: )

> Storm CLI set_log_level no longer updates the log level
> ---
>
> Key: STORM-3552
> URL: https://issues.apache.org/jira/browse/STORM-3552
> Project: Apache Storm
>  Issue Type: Bug
>  Components: storm-core
>Affects Versions: 2.0.0, 2.1.0
>Reporter: Luke Marjoram
>Priority: Major
>  Labels: pull-request-available
>
> Using the example StatefulWindowingTopology, when trying to update the log 
> level via command line with the following command a NullPointer is thrown in 
> the worker log and the log level is not updated.
> {code:java}
> storm set_log_level -l ROOT=DEBUG:0 test{code}
> {code:java}
> 2019-12-09 17:16:02.600+0100 o.a.s.s.o.a.c.f.i.CuratorFrameworkImpl 
> main-EventThread [ERROR] Event listener threw exception
> java.lang.NullPointerException: null
> at 
> java.util.concurrent.ConcurrentHashMap.get(ConcurrentHashMap.java:936) 
> ~[?:1.8.0_131]
> at org.apache.logging.log4j.Level.getLevel(Level.java:261) 
> ~[log4j-api-2.11.2.jar:2.11.2]
> at 
> org.apache.storm.daemon.worker.LogConfigManager.setLoggerLevel(LogConfigManager.java:145)
>  ~[storm-client-2.1.0.jar:2.1.1-SNAPSHOT]
> at 
> org.apache.storm.daemon.worker.LogConfigManager.processLogConfigChange(LogConfigManager.java:98)
>  ~[storm-client-2.1.0.jar:2.1.1-SNAPSHOT]
> at 
> org.apache.storm.daemon.worker.Worker.checkLogConfigChanged(Worker.java:422) 
> ~[storm-client-2.1.0.jar:2.1.1-SNAPSHOT]
> at 
> org.apache.storm.cluster.StormClusterStateImpl.issueMapCallback(StormClusterStateImpl.java:177)
>  ~[storm-client-2.1.0.jar:2.1.1-SNAPSHOT]
> at 
> org.apache.storm.cluster.StormClusterStateImpl$1.changed(StormClusterStateImpl.java:122)
>  ~[storm-client-2.1.0.jar:2.1.1-SNAPSHOT]
> at 
> org.apache.storm.cluster.ZKStateStorage$ZkWatcherCallBack.execute(ZKStateStorage.java:243)
>  ~[storm-client-2.1.0.jar:2.1.1-SNAPSHOT]
> at 
> org.apache.storm.zookeeper.ClientZookeeper.lambda$mkClientImpl$0(ClientZookeeper.java:314)
>  ~[storm-client-2.1.0.jar:2.1.1-SNAPSHOT]
> at 
> org.apache.storm.shade.org.apache.curator.framework.imps.CuratorFrameworkImpl$7.apply(CuratorFrameworkImpl.java:1048)
>  [storm-shaded-deps-2.1.0.jar:2.1.1-SNAPSHOT]
> at 
> org.apache.storm.shade.org.apache.curator.framework.imps.CuratorFrameworkImpl$7.apply(CuratorFrameworkImpl.java:1041)
>  [storm-shaded-deps-2.1.0.jar:2.1.1-SNAPSHOT]
> at 
> org.apache.storm.shade.org.apache.curator.framework.listen.ListenerContainer$1.run(ListenerContainer.java:100)
>  [storm-shaded-deps-2.1.0.jar:2.1.1-SNAPSHOT]
> at 
> org.apache.storm.shade.org.apache.curator.shaded.com.google.common.util.concurrent.DirectExecutor.execute(DirectExecutor.java:30)
>  [storm-shaded-deps-2.1.0.jar:2.1.1-SNAPSHOT]
> at 
> org.apache.storm.shade.org.apache.curator.framework.listen.ListenerContainer.forEach(ListenerContainer.java:92)
>  [storm-shaded-deps-2.1.0.jar:2.1.1-SNAPSHOT]
> at 
> org.apache.storm.shade.org.apache.curator.framework.imps.CuratorFrameworkImpl.processEvent(CuratorFrameworkImpl.java:1040)
>  [storm-shaded-deps-2.1.0.jar:2.1.1-SNAPSHOT]
> at 
> org.apache.storm.shade.org.apache.curator.framework.imps.CuratorFrameworkImpl.access$000(CuratorFrameworkImpl.java:66)
>  [storm-shaded-deps-2.1.0.jar:2.1.1-SNAPSHOT]
> at 
> org.apache.storm.shade.org.apache.curator.framework.imps.CuratorFrameworkImpl$1.process(CuratorFrameworkImpl.java:126)
>  [storm-shaded-deps-2.1.0.jar:2.1.1-SNAPSHOT]
> at 
> org.apache.storm.shade.org.apache.curator.ConnectionState.process(ConnectionState.java:185)
>  [storm-shaded-deps-2.1.0.jar:2.1.1-SNAPSHOT]
> at 
> org.apache.storm.shade.org.apache.zookeeper.ClientCnxn$EventThread.processEvent(ClientCnxn.java:533)
>  [storm-shaded-deps-2.1.0.jar:2.1.1-SNAPSHOT]
> at 
> org.apache.storm.shade.org.apache.zookeeper.ClientCnxn$EventThread.run(ClientCnxn.java:508)
>  [storm-shaded-deps-2.1.0.jar:2.1.1-SNAPSHOT]{code}
> This appears to be a regression from the migration from clojure to java in 
> STORM-1267



--
This message was sent by Atlassian Jira
(v8.3.4#803005)

[jira] [Comment Edited] (STORM-3553) Upgrade JQuery to 3.4.x

[jira] [Comment Edited] (STORM-3553) Upgrade JQuery to 3.4.x

[jira] [Comment Edited] (STORM-3553) Upgrade JQuery to 3.4.x

[jira] [Commented] (STORM-3553) Upgrade JQuery to 3.4.x

[jira] [Updated] (STORM-3553) Upgrade JQuery to 3.4.x

[jira] [Created] (STORM-3553) Upgrade JQuery to 3.4.x

[jira] [Updated] (STORM-3552) Storm CLI set_log_level no longer updates the log level

7 matches

Site Navigation

Mail list logo

Footer information