andscoop opened a new pull request, #10304:
URL: https://github.com/apache/pinot/pull/10304
This PR bumps the patch version of hadoop due to several reported CVEs.
CVE-2022-25168 CVE-2021-37404 CVE-2022-26612 CVE-2022-25168 CVE-2021-37404
CVE-2021-33036 CVE-2021-25642
We have a much longer list that will involve updating many packages, so I
thought it best to break out these PRs to gain some confidence with pinots
resiliency to some of these version bumps.
Instructions:
1. The PR has to be tagged with at least one of the following labels (*):
1. `feature`
2. `bugfix`
3. `performance`
4. `ui`
5. `backward-incompat`
6. `release-notes` (**)
2. Remove these instructions before publishing the PR.
(*) Other labels to consider:
- `testing`
- `dependencies`
- `docker`
- `kubernetes`
- `observability`
- `security`
- `code-style`
- `extension-point`
- `refactor`
- `cleanup`
(**) Use `release-notes` label for scenarios like:
- New configuration options
- Deprecation of configurations
- Signature changes to public methods/interfaces
- New plugins added or old plugins removed
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
