search

stackabletech / docker-images

Apache License 2.0
15 stars 2 forks source link

druid: remove druid-ranger-security extension #681

Closed fhennig closed 1 month ago

fhennig commented 2 months ago

We do not want Ranger in the platform, and the extension has multiple critical vulnerabilities:

one way to exclude ranger is to remove the <module>extensions-core/druid-ranger-security</module> definition line from the pom.xml before building from source.

blocked - requires build from source to be done first

Once implemented, mark the CVEs as resolved in SecObserve

fhennig commented 2 months ago

Update: build from source has been merged: https://github.com/stackabletech/docker-images/pull/684

lfrancke commented 1 month ago

This is in Done but neither the PR are merged nor is this ticket closed?