[ https://issues.apache.org/jira/browse/HADOOP-12767?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15735734#comment-15735734 ]
Kihwal Lee commented on HADOOP-12767: ------------------------------------- Can we pull in HADOOP-11859 to 2.7? What else is preventing this from going to 2.7? > update apache httpclient version to 4.5.2; httpcore to 4.4.4 > ------------------------------------------------------------ > > Key: HADOOP-12767 > URL: https://issues.apache.org/jira/browse/HADOOP-12767 > Project: Hadoop Common > Issue Type: Bug > Components: build > Affects Versions: 2.7.2 > Reporter: Artem Aliev > Assignee: Artem Aliev > Fix For: 2.8.0, 3.0.0-alpha1 > > Attachments: HADOOP-12767-branch-2-005.patch, > HADOOP-12767-branch-2.004.patch, HADOOP-12767-branch-2.005.patch, > HADOOP-12767.001.patch, HADOOP-12767.002.patch, HADOOP-12767.003.patch, > HADOOP-12767.004.patch > > > Various SSL security fixes are needed. See: CVE-2012-6153, CVE-2011-4461, > CVE-2014-3577, CVE-2015-5262. -- This message was sent by Atlassian JIRA (v6.3.4#6332) --------------------------------------------------------------------- To unsubscribe, e-mail: common-issues-unsubscr...@hadoop.apache.org For additional commands, e-mail: common-issues-h...@hadoop.apache.org