[
https://issues.apache.org/jira/browse/HADOOP-17917?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17417923#comment-17417923
]
Akira Ajisaka edited comment on HADOOP-17917 at 9/21/21, 5:41 AM:
------------------------------------------------------------------
+1 for the v2 patch, pending Jenkins.
was (Author: ajisakaa):
+1, pending Jenkins.
> Backport HADOOP-15993 to branch-3.2 which Address CVE-2014-4611
> ---------------------------------------------------------------
>
> Key: HADOOP-17917
> URL: https://issues.apache.org/jira/browse/HADOOP-17917
> Project: Hadoop Common
> Issue Type: Bug
> Reporter: Brahma Reddy Battula
> Assignee: Brahma Reddy Battula
> Priority: Major
> Attachments: HADOOP-17917-branch-3.2-001.patch,
> HADOOP-17917-branch-3.2-002.patch
>
>
> Now the version is 0.8.2.1 and it has net.jpountz.lz4:lz4:1.2.0 dependency,
> which is vulnerable.
> ([https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4611])
>
> cc./ [~aajisaka]
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
