[
https://issues.apache.org/jira/browse/HADOOP-17860?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17403326#comment-17403326
]
Renukaprasad C commented on HADOOP-17860:
-----------------------------------------
Duplicate of HADOOP-13363, which is already available in 3.3.X release. Code
changes are quite huge, also could impact compatibility which is not backported
to odler versions.
CC: [~hemanthboyina] [[email protected]] [~hexiaoqiao]
> Upgrade third party protobuf-java-2.5.0.jar to address vulnerabilities
> #CVE-2015-5237
> -------------------------------------------------------------------------------------
>
> Key: HADOOP-17860
> URL: https://issues.apache.org/jira/browse/HADOOP-17860
> Project: Hadoop Common
> Issue Type: Bug
> Reporter: Sushanta Sen
> Priority: Major
>
> Third party jar protobuf-java-2.5.0.jar reports vulnerability # CVE-2015-5237
> and need to be upgraded.
> Please review and let me know if you have any concerns or would like to add
> more details to upgrade.
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
