druid icon indicating copy to clipboard operation
druid copied to clipboard
verified publisher icon apache

Fix Apache Commons Text CVE-2022-42889

Open wcc526 opened this issue 3 years ago • 1 comments

Fix Apache Commons Text CVE-2022-42889

https://nvd.nist.gov/vuln/detail/CVE-2022-42889

Fixes #XXXX.

Description

Fixed the bug ...

Renamed the class ...

Added a forbidden-apis entry ...

Release note

For tips about how to write a good release note, see Release notes.

Key changed/added classes in this PR
  • MyFoo
  • OurBar
  • TheirBaz

This PR has:

  • [ ] been self-reviewed.
    • [ ] using the concurrency checklist (Remove this item if the PR doesn't have any relation to concurrency.)
  • [ ] added documentation for new or modified features or behaviors.
  • [ ] a release note entry in the PR description.
  • [ ] added Javadocs for most classes and all non-trivial methods. Linked related entities via Javadoc links.
  • [ ] added or updated version, license, or notice information in licenses.yaml
  • [ ] added comments explaining the "why" and the intent of the code wherever would not be obvious for an unfamiliar reader.
  • [ ] added unit tests or modified existing tests to cover new code paths, ensuring the threshold for code coverage is met.
  • [ ] added integration tests.
  • [ ] been tested in a test Druid cluster.

wcc526 avatar Oct 14 '22 02:10 wcc526

@wcc526 , thanks for the change! For the build to pass, please update the licenses.yaml file as well.

kfaraz avatar Oct 14 '22 03:10 kfaraz