+1
On 8/31/20, 7:19 PM, "Owen Nichols" wrote:
Recently shiro-1.5.3.jar is getting flagged for ‘high’ security
vulnerability CVE-2020-13933.
Analysis shows that Geode does not use Shiro in a manner that would expose
this vulnerability.
The risk of bringing GEODE-8456 is low (diff
Sarah Abbey wrote:
>
> > +1
> >
> > From: Ju@N
> > Sent: Tuesday, September 1, 2020 4:10 AM
> > To: dev@geode.apache.org
> > Subject: Re: Proposal to bring GEODE-8456 (shiro upgrade) to support
> > Sent: Tuesday, September 1, 2020 4:10 AM
> > To: dev@geode.apache.org
> > Subject: Re: Proposal to bring GEODE-8456 (shiro upgrade) to support
> > branches
> >
> > +1
> >
> > On Tue, 1 Sep 2020 at 01:11, Donal Evans wrote:
> >
> > &
+1
On Tue, Sep 1, 2020 at 6:19 AM Sarah Abbey wrote:
> +1
>
> From: Ju@N
> Sent: Tuesday, September 1, 2020 4:10 AM
> To: dev@geode.apache.org
> Subject: Re: Proposal to bring GEODE-8456 (shiro upgrade) to support
> branches
>
> +1
&
+1
From: Ju@N
Sent: Tuesday, September 1, 2020 4:10 AM
To: dev@geode.apache.org
Subject: Re: Proposal to bring GEODE-8456 (shiro upgrade) to support branches
+1
On Tue, 1 Sep 2020 at 01:11, Donal Evans wrote:
> +1
>
> We still have outstandin
nt: Monday, August 31, 2020 4:19 PM
> To: dev@geode.apache.org
> Subject: Proposal to bring GEODE-8456 (shiro upgrade) to support branches
>
> Recently shiro-1.5.3.jar is getting flagged for ‘high’ security
> vulnerability CVE-2020-13933.
>
> Analysis shows that Geode does n
GEODE-8456 (shiro upgrade) to support branches
Recently shiro-1.5.3.jar is getting flagged for ‘high’ security vulnerability
CVE-2020-13933.
Analysis shows that Geode does not use Shiro in a manner that would expose this
vulnerability.
The risk of bringing GEODE-8456 is low (difference between
Recently shiro-1.5.3.jar is getting flagged for ‘high’ security vulnerability
CVE-2020-13933.
Analysis shows that Geode does not use Shiro in a manner that would expose this
vulnerability.
The risk of bringing GEODE-8456 is low (difference between Shiro 1.5.3 and
1.6.0 is bugfix and dependency
