[jira] [Commented] (HADOOP-12710) Remove dependency on commons-httpclient for TestHttpServerLogs

Haohui Mai (JIRA) Mon, 08 Feb 2016 10:40:53 -0800

    [ 
https://issues.apache.org/jira/browse/HADOOP-12710?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15137442#comment-15137442
 ]


Haohui Mai commented on HADOOP-12710:
-------------------------------------

If it contains security vulnerabilities we should definitely revisit the 
decision in HADOOP-12552.

> Remove dependency on commons-httpclient for TestHttpServerLogs
> --------------------------------------------------------------
>
>                 Key: HADOOP-12710
>                 URL: https://issues.apache.org/jira/browse/HADOOP-12710
>             Project: Hadoop Common
>          Issue Type: Sub-task
>    Affects Versions: 3.0.0
>            Reporter: Wei-Chiu Chuang
>            Assignee: Wei-Chiu Chuang
>         Attachments: HADOOP-12710.001.patch
>
>
> Commons-httpclient has long been EOL. Critically, it has several security 
> vulnerabilities: CVE-2012-5783 
> http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-5783.
> I saw a recent commit that depends on commons-httpclient for 
> TestHttpServerLogs (HADOOP-12625) This JIRA intends to replace the dependency 
> with httpclient APIs.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

[jira] [Commented] (HADOOP-12710) Remove dependency on commons-httpclient for TestHttpServerLogs

Reply via email to