[jira] [Created] (HADOOP-19289) upgrade to protobuf-java 3.25.5 due to CVE-2024-7254

PJ Fanning (Jira) Wed, 25 Sep 2024 09:51:20 -0700

PJ Fanning created HADOOP-19289:
-----------------------------------

             Summary: upgrade to protobuf-java 3.25.5 due to CVE-2024-7254
                 Key: HADOOP-19289
                 URL: https://issues.apache.org/jira/browse/HADOOP-19289
             Project: Hadoop Common
          Issue Type: Task
          Components: common
            Reporter: PJ Fanning



https://github.com/advisories/GHSA-735f-pc8j-v9w8

Presumably protobuf encoded messages in Hadoop come from trusted sources but it 
is still useful to upgrade the jar.



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

---------------------------------------------------------------------
To unsubscribe, e-mail: common-dev-unsubscr...@hadoop.apache.org
For additional commands, e-mail: common-dev-h...@hadoop.apache.org

[jira] [Created] (HADOOP-19289) upgrade to protobuf-java 3.25.5 due to CVE-2024-7254

Reply via email to