Java vulnerability in KNIME dependency
ScottKolmar opened this issue · comments
Hello,
OPERA has been super useful, I'm a huge fan.
I have run into one problem though, which is that the underlying version of KNIME (4.1.1) uses an older version of the Java Runtime Environment (JRE), which is _jre.linux.x86_64_1.8.0.202-b08. This JRE has been flagged by my institution as being a security vulnerability.
I'm running OPERA in a docker container with an Ubuntu image, and I actually do install Ubuntu's default JRE (a more current and safe version) in the dockerfile, but the underlying version of KNIME still uses the old JRE. Is there a way to use the more current JRE? I don't know if installing the newer JRE in a certain folder might fix that.
Otherwise, can the underlying version of KNIME be updated? I imagine a more recent version of KNIME would probably have a newer JRE too.
Thanks!
Hi Scott!
Thanks a lot for using OPERA and for reporting the issue.
There is a new version in the making and when released, it'll use a newer version of KNIME.
Best,
Kamel
Knime updated to 4.5 in the new OPERA v2.8