[jira] [Work logged] (HADOOP-17563) Update Bouncy Castle to 1.68

Thu, 04 Mar 2021 22:29:06 -0800 


     [ 
https://issues.apache.org/jira/browse/HADOOP-17563?focusedWorklogId=561303&page=com.atlassian.jira.plugin.system.issuetabpanels:worklog-tabpanel#worklog-561303
 ]

ASF GitHub Bot logged work on HADOOP-17563:
-------------------------------------------

                Author: ASF GitHub Bot
            Created on: 05/Mar/21 06:28
            Start Date: 05/Mar/21 06:28
    Worklog Time Spent: 10m 
      Work Description: aajisaka commented on pull request #2740:
URL: https://github.com/apache/hadoop/pull/2740#issuecomment-791189488


   ```
   [2021-03-04T17:29:23.253Z]  Failed junit tests  |  
hadoop.yarn.server.router.clientrm.TestFederationClientInterceptor 
   [2021-03-04T17:29:23.253Z]                      |  
hadoop.tools.dynamometer.TestDynamometerInfra 
   [2021-03-04T17:29:23.253Z]                      |  
hadoop.yarn.sls.nodemanager.TestNMSimulator 
   [2021-03-04T17:29:23.253Z]                      |  
hadoop.yarn.sls.TestReservationSystemInvariants 
   [2021-03-04T17:29:23.253Z]                      |  
hadoop.hdfs.server.namenode.ha.TestPipelinesFailover 
   ```
   I think the test failures are not related to the upgrade. +1.


----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
[email protected]


Issue Time Tracking
-------------------

    Worklog Id:     (was: 561303)
    Time Spent: 1h  (was: 50m)

> Update Bouncy Castle to 1.68
> ----------------------------
>
>                 Key: HADOOP-17563
>                 URL: https://issues.apache.org/jira/browse/HADOOP-17563
>             Project: Hadoop Common
>          Issue Type: Improvement
>            Reporter: Takanobu Asanuma
>            Assignee: Takanobu Asanuma
>            Priority: Major
>              Labels: pull-request-available
>          Time Spent: 1h
>  Remaining Estimate: 0h
>
> Bouncy Castle 1.60 has Hash Collision Vulnerability. Let's update to 1.68.
> https://www.sourceclear.com/vulnerability-database/security/hash-collision/java/sid-6009



--
This message was sent by Atlassian Jira
(v8.3.4#803005)

---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]

Reply via email to