Apache
/
nifi
mirror of https://github.com/apache/nifi.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

NIFI-12618 Upgraded Azure SDK BOM from 1.2.18 to 1.2.19 

- Suppressed CVE-2023-36052 not applicable to Java Azure libraries

Signed-off-by: Pierre Villard <pierre.villard.fr@gmail.com>

This closes #8254.
This commit is contained in:
exceptionfactory 2024-01-16 10:51:11 -06:00 committed by Pierre Villard
parent 3b5d729a3a
commit c6f5f534cb
No known key found for this signature in database
GPG Key ID: F92A93B30C07C6D5
3 changed files with 8 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
nifi-commons/nifi-property-protection-azure/pom.xml
View File

@ -26,7 +26,7 @@
<dependency>
<groupId>com.azure</groupId>
<artifactId>azure-sdk-bom</artifactId>
<version>1.2.18</version>
<version>1.2.19</version>
<scope>import</scope>
<type>pom</type>
</dependency>

5
nifi-dependency-check-maven/suppressions.xml
View File

@ -444,4 +444,9 @@
<packageUrl regex="true">^pkg:maven/info\.picocli/picocli@.*$</packageUrl>
<cve>CVE-2015-0897</cve>
</suppress>
<suppress>
<notes>CVE-2023-36052 applies to Azure CLI not Azure Java libraries</notes>
<packageUrl regex="true">^pkg:maven/com\.azure/.*$</packageUrl>
<cve>CVE-2023-36052</cve>
</suppress>
</suppressions>

4
nifi-nar-bundles/nifi-azure-bundle/pom.xml
View File

@ -27,8 +27,8 @@
<packaging>pom</packaging>
<properties>
<azure.sdk.bom.version>1.2.18</azure.sdk.bom.version>
<msal4j.version>1.14.0</msal4j.version>
<azure.sdk.bom.version>1.2.19</azure.sdk.bom.version>
<msal4j.version>1.14.2</msal4j.version>
<qpid.proton.version>0.34.1</qpid.proton.version>
</properties>