Skip to content

NIFI-12259 Upgrade Apache Santuario from 2.3.3 to 2.3.4#7916

Closed
exceptionfactory wants to merge 1 commit intoapache:mainfrom
exceptionfactory:NIFI-12259
Closed

NIFI-12259 Upgrade Apache Santuario from 2.3.3 to 2.3.4#7916
exceptionfactory wants to merge 1 commit intoapache:mainfrom
exceptionfactory:NIFI-12259

Conversation

@exceptionfactory
Copy link
Copy Markdown
Contributor

@exceptionfactory exceptionfactory commented Oct 20, 2023

Summary

NIFI-12259 Upgrades Apache Santuario XML Security from 2.3.3 to 2.3.4 to resolve CVE-2023-44483, related to sensitive information disclosure in debug log messages.

This upgrade applies to both main and support branches.

Tracking

Please complete the following tracking steps prior to pull request creation.

Issue Tracking

Pull Request Tracking

  • Pull Request title starts with Apache NiFi Jira issue number, such as NIFI-00000
  • Pull Request commit message starts with Apache NiFi Jira issue number, as such NIFI-00000

Pull Request Formatting

  • Pull Request based on current revision of the main branch
  • Pull Request refers to a feature branch with one commit containing changes

Verification

Please indicate the verification steps performed prior to pull request creation.

Build

  • Build completed using mvn clean install -P contrib-check
    • JDK 21

Licensing

  • New dependencies are compatible with the Apache License 2.0 according to the License Policy
  • New dependencies are documented in applicable LICENSE and NOTICE files

Documentation

  • Documentation formatting appears as expected in rendered files

@exceptionfactory exceptionfactory mentioned this pull request Oct 21, 2023
Closed
@asfgit asfgit closed this in fc66771 Oct 23, 2023
asfgit pushed a commit that referenced this pull request Oct 23, 2023
@exceptionfactory @pvillard31
NIFI-12259 Upgraded Apache Santuario from 2.3.3 to 2.3.4
2385a47 
Signed-off-by: Pierre Villard <pierre.villard.fr@gmail.com>

This closes #7916.
@exceptionfactory exceptionfactory added the hacktoberfest-accepted Hacktoberfest Accepted label Oct 23, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@pvillard31 pvillard31 pvillard31 approved these changes

Assignees

No one assigned

Labels

hacktoberfest-accepted Hacktoberfest Accepted

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@exceptionfactory @pvillard31