[
https://issues.apache.org/jira/browse/HADOOP-17571?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17300298#comment-17300298
]
Ayush Saxena commented on HADOOP-17571:
---------------------------------------
Hey Everyone,
I think this upgrade is breaking {{TestConfTest}}
Ref:
[https://ci-hadoop.apache.org/job/hadoop-multibranch/job/PR-2732/14/testReport/org.apache.hadoop.util/TestConfTest/testPropertyHasDuplicatedAttributeAndElement/]
Apart, It would have been good if we updated the LICENCE file as well with the
correct version here:
https://github.com/apache/hadoop/blob/trunk/LICENSE-binary#L228
I tried to fix the test, I upgraded org.codehaus.woodstox#stax2-api to 4.2.1
and it worked. I will file a Jira for these stuff, let me know if I am catching
it wrong
> Upgrade com.fasterxml.woodstox:woodstox-core for security reasons
> -----------------------------------------------------------------
>
> Key: HADOOP-17571
> URL: https://issues.apache.org/jira/browse/HADOOP-17571
> Project: Hadoop Common
> Issue Type: Task
> Reporter: Viraj Jasani
> Assignee: Viraj Jasani
> Priority: Major
> Labels: pull-request-available
> Fix For: 3.3.1, 3.4.0, 3.1.5, 2.10.2, 3.2.3
>
> Time Spent: 1h
> Remaining Estimate: 0h
>
> Due to security concerns (CVE: sonatype-2018-0624), we should bump up
> woodstox-core to 5.3.0.
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
