Quantcast
Channel: CodeSection,代码区,网络安全 - CodeSec
Viewing all articles
Browse latest Browse all 12749

Apache Ignite 2.7.0 发布,替换大量安全漏洞依赖项

0
0

Apache Ignite 2.7.0 发布了,这是一个安全更新版本。

此版本替换了以下依赖项以避免用户受到第三方软件攻击:

Apache Log4j
https://nvd.nist.gov/vuln/detail/CVE-2017-5645
FasterXML jackson-databind
https://nvd.nist.gov/vuln/detail/CVE-2017-15095 ,
https://nvd.nist.gov/vuln/detail/CVE-2017-17485 ,
https://nvd.nist.gov/vuln/detail/CVE-2017-7525 ,
https://nvd.nist.gov/vuln/detail/CVE-2018-5968 ,
https://nvd.nist.gov/vuln/detail/CVE-2018-7489
Scala
https://nvd.nist.gov/vuln/detail/CVE-2017-15288
Apache Commons
https://nvd.nist.gov/vuln/detail/CVE-2015-6420 ,
https://nvd.nist.gov/vuln/detail/CVE-2015-7501 ,
https://nvd.nist.gov/vuln/detail/CVE-2017-15708
Netty Project
https://nvd.nist.gov/vuln/detail/CVE-2016-4970
JCraft
https://nvd.nist.gov/vuln/detail/CVE-2016-5725
Apache Tomcat
https://nvd.nist.gov/vuln/detail/CVE-2016-3092 ,
https://nvd.nist.gov/vuln/detail/CVE-2016-8735 ,
https://nvd.nist.gov/vuln/detail/CVE-2018-8014
Guava
https://nvd.nist.gov/vuln/detail/CVE-2018-10237
Apache Camel
https://nvd.nist.gov/vuln/detail/CVE-2015-5344 ,
https://nvd.nist.gov/vuln/detail/CVE-2015-5348 ,
https://nvd.nist.gov/vuln/detail/CVE-2016-8749 ,
https://nvd.nist.gov/vuln/detail/CVE-2017-12633 ,
https://nvd.nist.gov/vuln/detail/CVE-2017-12634 ,
https://nvd.nist.gov/vuln/detail/CVE-2017-3159 ,
https://nvd.nist.gov/vuln/detail/CVE-2017-5643
Spring Framework
https://nvd.nist.gov/vuln/detail/CVE-2018-1257 ,
https://nvd.nist.gov/vuln/detail/CVE-2018-1258
Spring Data Commons
https://nvd.nist.gov/vuln/detail/CVE-2018-1259 ,
https://nvd.nist.gov/vuln/detail/CVE-2018-1273
Jetty
https://nvd.nist.gov/vuln/detail/CVE-2016-4800 ,
https://nvd.nist.gov/vuln/detail/CVE-2017-9735 ,
https://nvd.nist.gov/vuln/detail/CVE-2016-4800 ,
https://nvd.nist.gov/vuln/detail/CVE-2017-9735 ,
https://nvd.nist.gov/vuln/detail/CVE-2016-4800 ,
https://nvd.nist.gov/vuln/detail/CVE-2017-7658
Lucene
https://nvd.nist.gov/vuln/detail/CVE-2017-12629
Mitigation:
Upgrade to Apache Ignite 2.7 or later version

发布公告


Viewing all articles
Browse latest Browse all 12749