Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[Java] security: upgrade all libraries to latest stable versions #17107

Closed
asfimport opened this issue Jul 20, 2017 · 3 comments
Closed

[Java] security: upgrade all libraries to latest stable versions #17107

asfimport opened this issue Jul 20, 2017 · 3 comments
Labels
Component: Java Type: enhancement
Milestone
0.6.0

Comments

@asfimport
Copy link

Some of the java libraries used are very old - e.g. commons-cli dates from 2009.

Rather than (or as well as) reacting to security vulnerabilities when they are discovered, we should pro-actively update all our libraries to the latest versions.

Reporter: Matt Darwin / @mattdarwin
Assignee: Matt Darwin / @mattdarwin

Note: This issue was originally created as ARROW-1243. Please see the migration documentation for further details.
@asfimport
Copy link
Author

Matt Darwin / @mattdarwin:
Fixed in PR 873 - please consider merging.

@asfimport
Copy link
Author

Wes McKinney / @wesm:
Since the 0.6.0 release timeline became compressed with the Plasma IP clearance, we have not gotten enough feedback yet on the patch. Accordingly (and in case that doesn't change in the next 24 hours), I moved this to 0.7.0, which should give enough time for downstream users to give feedback on the dependency upgrades

@asfimport
Copy link
Author

Wes McKinney / @wesm:
Issue resolved by pull request 873
#873

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
Component: Java Type: enhancement
Projects
None yet
Milestone
0.6.0
Development

No branches or pull requests
1 participant
@asfimport