[
https://issues.apache.org/jira/browse/HADOOP-17440?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17252851#comment-17252851
]
Steve Loughran commented on HADOOP-17440:
-----------------------------------------
-1.
we upgraded Guava for a CVE: https://www.cvedetails.com/cve/CVE-2018-10237/
yes, it broke things downstream. Yes, I hate that as my downstream code broke
too. No, I don't want to rollback.
If downstream projects want the older versions, they can exclude the -27
release and reimport the 11.x. What we shouldn't be doing is distributing a
version with known issues
> Downgrade guava version in trunk
> --------------------------------
>
> Key: HADOOP-17440
> URL: https://issues.apache.org/jira/browse/HADOOP-17440
> Project: Hadoop Common
> Issue Type: Task
> Reporter: Lisheng Sun
> Priority: Major
> Attachments: HADOOP-17440.001.patch
>
>
> See details the Jira HADOOP-17439 comments.
> h1.
>
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
