[
https://issues.apache.org/jira/browse/HADOOP-16210?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16809606#comment-16809606
]
Gabor Bota commented on HADOOP-16210:
-------------------------------------
Thanks [~mackrorysd] and [[email protected]]. This jira is only for trunk, so
I will resolve this and add the fixed 3.3 to parent.
> Update guava to 27.0-jre in hadoop-project trunk
> ------------------------------------------------
>
> Key: HADOOP-16210
> URL: https://issues.apache.org/jira/browse/HADOOP-16210
> Project: Hadoop Common
> Issue Type: Sub-task
> Affects Versions: 3.3.0
> Reporter: Gabor Bota
> Assignee: Gabor Bota
> Priority: Critical
> Fix For: 3.3.0
>
> Attachments: HADOOP-16210.001.patch,
> HADOOP-16210.002.findbugsfix.wip.patch, HADOOP-16210.002.patch,
> HADOOP-16210.003.patch
>
>
> com.google.guava:guava should be upgraded to 27.0-jre due to new CVE's found
> CVE-2018-10237.
> This is a sub-task for trunk from HADOOP-15960 to track issues with that
> particular branch.
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
