Skip to content

KAFKA-2866: Bump up commons-collections version to 3.2.2 to address a…#564

Closed
granthenke wants to merge 1 commit intoapache:trunkfrom
granthenke:commons
Closed

KAFKA-2866: Bump up commons-collections version to 3.2.2 to address a…#564
granthenke wants to merge 1 commit intoapache:trunkfrom
granthenke:commons

Conversation

@granthenke
Copy link
Copy Markdown
Member

… security flaw

@granthenke
Copy link
Copy Markdown
Member Author

This is not a huge deal since its only in test dependencies. But since we publish test jars in maven and the fix is easy...I figure we should fix it.

@ijuma
Copy link
Copy Markdown
Member

ijuma commented Nov 30, 2015

Do we know which dependencies are bringing this transitively?

@granthenke
Copy link
Copy Markdown
Member Author

This is brought in via org.apache.hadoop:hadoop-minikdc:2.7.1.

HADOOP-12577 should fix this in 2.7.2. When 2.7.2 is released we can upgrade minikdc and remove this addition.

@ijuma
Copy link
Copy Markdown
Member

ijuma commented Nov 30, 2015

I'd probably just wait for minikdc 2.7.2 (seems like it will be out soon apache/hadoop@97a98b6) since the issue only affects test jars and we are not publishing new test jars so soon anyway.

@granthenke granthenke closed this Feb 11, 2016
@granthenke granthenke deleted the commons branch February 17, 2016 06:07
efeg pushed a commit to efeg/kafka that referenced this pull request Jan 29, 2020
C0urante pushed a commit to C0urante/kafka that referenced this pull request May 26, 2021
jeffkbkim pushed a commit to jeffkbkim/kafka that referenced this pull request Oct 22, 2021
jeffkbkim pushed a commit to jeffkbkim/kafka that referenced this pull request Oct 22, 2021
jeffkbkim pushed a commit to jeffkbkim/kafka that referenced this pull request Oct 22, 2021
jeffkbkim pushed a commit to jeffkbkim/kafka that referenced this pull request Oct 22, 2021
jeffkbkim pushed a commit to jeffkbkim/kafka that referenced this pull request Oct 22, 2021
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

2 participants