<!-- 
RSS generated by JIRA (9.7.1#970001-sha1:2222b88b221c4928ef0de3161136cc90c8356a66) at Thu Feb 08 08:52:29 UTC 2024

It is possible to restrict the fields that are returned in this document by specifying the 'field' parameter in your request.
For example, to request only the issue key and summary append 'field=key&field=summary' to the URL of your request.
-->
<rss version="0.92" >
<channel>
    <title>MongoDB Jira</title>
    <link>https://jira.mongodb.org</link>
    <description>This file is an XML representation of an issue</description>
    <language>en-us</language>    <build-info>
        <version>9.7.1</version>
        <build-number>970001</build-number>
        <build-date>13-04-2023</build-date>
    </build-info>


<item>
            <title>[JAVA-518] Remove Calls to exec() Due to Security Concerns</title>
                <link>https://jira.mongodb.org/browse/JAVA-518</link>
                <project id="10006" key="JAVA">Java Driver</project>
                    <description>&lt;p&gt;The following lines call Runtime.getRuntime().exec():&lt;/p&gt;

&lt;p/&gt;
&lt;div id=&quot;syntaxplugin&quot; class=&quot;syntaxplugin&quot; style=&quot;border: 1px dashed #bbb; border-radius: 5px !important; overflow: auto; max-height: 30em;&quot;&gt;
&lt;table cellspacing=&quot;0&quot; cellpadding=&quot;0&quot; border=&quot;0&quot; width=&quot;100%&quot; style=&quot;font-size: 1em; line-height: 1.4em !important; font-weight: normal; font-style: normal; color: black;&quot;&gt;
		&lt;tbody &gt;
				&lt;tr id=&quot;syntaxplugin_code_and_gutter&quot;&gt;
						&lt;td  style=&quot; line-height: 1.4em !important; padding: 0em; vertical-align: top;&quot;&gt;
					&lt;pre style=&quot;font-size: 1em; margin: 0 10px;  margin-top: 10px;   width: auto; padding: 0;&quot;&gt;&lt;span style=&quot;color: black; font-family: &apos;Consolas&apos;, &apos;Bitstream Vera Sans Mono&apos;, &apos;Courier New&apos;, Courier, monospace !important;&quot;&gt;./src/main/com/mongodb/io/StreamUtil.java:44:        Process p = Runtime.getRuntime().exec( command );&lt;/span&gt;&lt;/pre&gt;
			&lt;/td&gt;
		&lt;/tr&gt;
				&lt;tr id=&quot;syntaxplugin_code_and_gutter&quot;&gt;
						&lt;td  style=&quot; line-height: 1.4em !important; padding: 0em; vertical-align: top;&quot;&gt;
					&lt;pre style=&quot;font-size: 1em; margin: 0 10px;   margin-bottom: 10px;  width: auto; padding: 0;&quot;&gt;&lt;span style=&quot;color: black; font-family: &apos;Consolas&apos;, &apos;Bitstream Vera Sans Mono&apos;, &apos;Courier New&apos;, Courier, monospace !important;&quot;&gt;./src/main/com/mongodb/util/TestCase.java:251:        Process p = Runtime.getRuntime().exec( &quot;find &quot; + dir );&lt;/span&gt;&lt;/pre&gt;
			&lt;/td&gt;
		&lt;/tr&gt;
			&lt;/tbody&gt;
&lt;/table&gt;
&lt;/div&gt;
&lt;p/&gt;

&lt;p&gt;This is causing an issue with a security audit.  Can they be removed or moved to the test source directory?&lt;/p&gt;</description>
                <environment>Java driver 2.7.2 - non-env specific</environment>
        <key id="30175">JAVA-518</key>
            <summary>Remove Calls to exec() Due to Security Concerns</summary>
                <type id="4" iconUrl="https://jira.mongodb.org/secure/viewavatar?size=xsmall&amp;avatarId=14710&amp;avatarType=issuetype">Improvement</type>
                                            <priority id="3" iconUrl="https://jira.mongodb.org/images/icons/priorities/major.svg">Major - P3</priority>
                        <status id="6" iconUrl="https://jira.mongodb.org/images/icons/statuses/closed.png" description="The issue is considered finished, the resolution is correct. Issues which are closed can be reopened.">Closed</status>
                    <statusCategory id="3" key="done" colorName="success"/>
                                    <resolution id="9">Done</resolution>
                                        <assignee username="jeff.yemin@mongodb.com">Jeffrey Yemin</assignee>
                                    <reporter username="martin.hermes@sap.com">Martin Hermes</reporter>
                        <labels>
                    </labels>
                <created>Wed, 8 Feb 2012 14:25:01 +0000</created>
                <updated>Mon, 18 Jun 2012 19:36:11 +0000</updated>
                            <resolved>Wed, 8 Feb 2012 14:52:37 +0000</resolved>
                                    <version>2.7.2</version>
                                    <fixVersion>2.8.0</fixVersion>
                                                        <votes>0</votes>
                                    <watches>1</watches>
                                                                                                                <comments>
                            <comment id="134056" author="jeff.yemin" created="Mon, 18 Jun 2012 19:36:11 +0000"  >&lt;p&gt;Closing for 2.8.0 release.&lt;/p&gt;</comment>
                            <comment id="86495" author="auto" created="Wed, 8 Feb 2012 14:52:17 +0000"  >&lt;p&gt;Author:&lt;/p&gt;
{u&apos;login&apos;: u&apos;jyemin&apos;, u&apos;email&apos;: u&apos;jeff.yemin@10gen.com&apos;, u&apos;name&apos;: u&apos;Jeff Yemin&apos;}
&lt;p&gt;Message: &lt;a href=&quot;https://jira.mongodb.org/browse/JAVA-518&quot; title=&quot;Remove Calls to exec() Due to Security Concerns&quot; class=&quot;issue-link&quot; data-issue-key=&quot;JAVA-518&quot;&gt;&lt;del&gt;JAVA-518&lt;/del&gt;&lt;/a&gt;: moving classes from src/main to src/test, because that&apos;s where they belong.  Also removed unused ZipUtil class&lt;br/&gt;
Branch: master&lt;br/&gt;
&lt;a href=&quot;https://github.com/mongodb/mongo-java-driver/commit/560b2682f90e39c99b4b2a1ff810da7a1b7c7a24&quot; class=&quot;external-link&quot; target=&quot;_blank&quot; rel=&quot;nofollow noopener&quot;&gt;https://github.com/mongodb/mongo-java-driver/commit/560b2682f90e39c99b4b2a1ff810da7a1b7c7a24&lt;/a&gt;&lt;/p&gt;</comment>
                            <comment id="86494" author="jeff.yemin" created="Wed, 8 Feb 2012 14:50:03 +0000"  >&lt;p&gt;Note that technically this is a backward breaking change, since it&apos;s conceivable, though unlikely, that some client of the driver is relying on those classes.&lt;/p&gt;</comment>
                            <comment id="86488" author="scotthernandez" created="Wed, 8 Feb 2012 14:30:07 +0000"  >&lt;p&gt;The StreamUtil method is not used by the driver.&lt;/p&gt;

&lt;p&gt;TestCase.java can be moved to the test dir; it is only used during testing.&lt;/p&gt;</comment>
                    </comments>
                <issuelinks>
                            <issuelinktype id="10011">
                    <name>Depends</name>
                                            <outwardlinks description="depends on">
                                                        </outwardlinks>
                                                        </issuelinktype>
                    </issuelinks>
                <attachments>
                    </attachments>
                <subtasks>
                    </subtasks>
                <customfields>
                                                                                                                                                                                                                        <customfield id="customfield_10011" key="com.atlassian.jira.plugin.system.customfieldtypes:radiobuttons">
                        <customfieldname>Backwards Compatibility</customfieldname>
                        <customfieldvalues>
                                <customfieldvalue key="10011"><![CDATA[Minor Change]]></customfieldvalue>

                        </customfieldvalues>
                    </customfield>
                                                                                                                                                                                <customfield id="customfield_15850" key="com.atlassian.jira.plugins.jira-development-integration-plugin:devsummary">
                        <customfieldname>Development</customfieldname>
                        <customfieldvalues>
                            
                        </customfieldvalues>
                    </customfield>
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    <customfield id="customfield_12550" key="com.pyxis.greenhopper.jira:gh-lexo-rank">
                        <customfieldname>Rank</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue>2|hrgka7:</customfieldvalue>

                        </customfieldvalues>
                    </customfield>
                                                                <customfield id="customfield_10558" key="com.pyxis.greenhopper.jira:gh-global-rank">
                        <customfieldname>Rank (Obsolete)</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue>10241</customfieldvalue>
                        </customfieldvalues>
                    </customfield>
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            </customfields>
    </item>
</channel>
</rss>