[
https://issues.apache.org/jira/browse/HADOOP-15815?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16662946#comment-16662946
]
Bharat Viswanadham commented on HADOOP-15815:
---------------------------------------------
>From the Jira comments
MSHADE-242 is happening in case of minifying the jar, this issue happens when
relocating classes of jars with a module descriptor. This will also mean that
it'll break the intended strong encapsulation.
Java 9 will not provide a solution for that yet, so I guess we'll have to log a
warning as well.
It might impact Java 9, as this oms 6 supports java 9. But I have not
completely understood the issue or will it affect Java 8?
Is this what you are asking [~busbey]
Tagging [~ajisakaa] for help on this to know any impact it will create just by
upgrading the maven shaded plugin version and ignore this warning.
> Upgrade Eclipse Jetty version due to security concerns
> ------------------------------------------------------
>
> Key: HADOOP-15815
> URL: https://issues.apache.org/jira/browse/HADOOP-15815
> Project: Hadoop Common
> Issue Type: Task
> Affects Versions: 3.1.1, 3.0.3
> Reporter: Boris Vulikh
> Assignee: Boris Vulikh
> Priority: Major
> Attachments: HADOOP-15815.01-2.patch
>
>
> *
> [CVE-2017-7657|https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-7657]
> *
> [CVE-2017-7658|https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-7658]
> *
> [CVE-2017-7656|https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-7656]
> *
> [CVE-2018-12536|https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-12536]
> We should upgrade the dependency to version 9.3.24 or the latest, if possible.
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
