[HIVE-25785] Upgrade xmlsec to 2.1.7/2.2.3 due to CVE-2021-40690 - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Bug
Status: Resolved
Priority: Major
Resolution: Fixed
Affects Version/s: None
Fix Version/s: None
Component/s: Hive, Security
Labels:
- pull-request-available

Target Version/s:

4.0.0

Description

Hive is currently pulling in xmlsec 2.2.1. This needs to be upgraded to 2.2.3+ due to CVE-2021-40690.

Attachments

Issue Links

links to

GitHub Pull Request #2850

Activity

People

Assignee:: Sai Hemanth Gantasala

Reporter:: Sai Hemanth Gantasala

Votes:: 0 Vote for this issue

Watchers:: 2 Start watching this issue

Dates

Created:: 07/Dec/21 18:29

Updated:: 13/Dec/21 20:53

Resolved:: 13/Dec/21 20:18

Time Tracking

Estimated:

Not Specified

Remaining:

0h

Logged:

0.5h