[jira] [Created] (HADOOP-19481) Upgrade to com.google.guava 32.1.3-jre to fix CVE-2023-2976 and CVE-2020-8908

Bartosz Kosiorek (Jira) Wed, 05 Mar 2025 10:58:04 -0800

Bartosz Kosiorek created HADOOP-19481:
-----------------------------------------


             Summary: Upgrade to com.google.guava 32.1.3-jre to fix 
CVE-2023-2976 and CVE-2020-8908
                 Key: HADOOP-19481
                 URL: https://issues.apache.org/jira/browse/HADOOP-19481
             Project: Hadoop Common
          Issue Type: Task
            Reporter: Bartosz Kosiorek


Upgrade com.google.guava library to 32.1.3-jre to fix:
 * [CVE-2023-2976|https://github.com/advisories/GHSA-7g45-4rm6-3mm3]
 * [CVE-2020-8908|https://github.com/advisories/GHSA-5mg8-w23w-74h3]

Link to PR example:
[https://github.com/apache/hadoop/pull/7458]

 



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

---------------------------------------------------------------------
To unsubscribe, e-mail: common-dev-unsubscr...@hadoop.apache.org
For additional commands, e-mail: common-dev-h...@hadoop.apache.org

[jira] [Created] (HADOOP-19481) Upgrade to com.google.guava 32.1.3-jre to fix CVE-2023-2976 and CVE-2020-8908

Reply via email to