Uploaded image for project: 'Data Collection, Analytics, and Events'
  1. Data Collection, Analytics, and Events
  2. DCAEGEN2-2768 SECCOM - DCAE Vulnerability updates for Istanbul
  3. DCAEGEN2-2806

Mapper security vulnerability updates

XMLWordPrintable

      Mapper version revision required as noted on last column

       

      Status Priority Component name and version Threat level Recommended version Project’s assessment/Istanbul Target (M2)
      OPEN 1 xstream : 1.4.11.1 9
      9
      9
      9
      9
      9
      8
      8
      7
      7
      7
      6      		 1.4.16 As there is 1.4.17 available with no policy voilation, try upgrading to it for Istanbul
      OPEN 1 log4j : 1.2.17 9 2.14.1 (log4j-core) 1.2.17 is the latest version; log4j-core is different library. No change for istanbul
      OPEN 2 httpclient : 4.5.8 5 4.5.13 Update per SECCOM recommended version
      OPEN 2  xercesImpl : 2.12.1 5 ??? Already on latest; no change for istanbul
      OPEN   org.codehaus.groovy : groovy-all : 2.4.14 6   Select 2.4.21: Next version with no policy violation

       

            mukesh.paliwal mukesh.paliwal
            vv770d vv770d
            Votes:
            0 Vote for this issue
            Watchers:
            1 Start watching this issue

              Created:
              Updated:
              Resolved: