[jira] [Work logged] (HADOOP-18101) Bump aliyun-sdk-oss to 3.13.1

[ASF GitHub Bot (Jira)]

     [ 
https://issues.apache.org/jira/browse/HADOOP-18101?focusedWorklogId=718400&page=com.atlassian.jira.plugin.system.issuetabpanels:worklog-tabpanel#worklog-718400
 ]

ASF GitHub Bot logged work on HADOOP-18101:
-------------------------------------------

                Author: ASF GitHub Bot
            Created on: 01/Feb/22 03:32
            Start Date: 01/Feb/22 03:32
    Worklog Time Spent: 10m 
      Work Description: aswinshakil opened a new pull request #3951:
URL: https://github.com/apache/hadoop/pull/3951


   <!--
     Thanks for sending a pull request!
       1. If this is your first time, please read our contributor guidelines: 
https://cwiki.apache.org/confluence/display/HADOOP/How+To+Contribute
       2. Make sure your PR title starts with JIRA issue id, e.g., 
'HADOOP-17799. Your PR title ...'.
   -->
   
   ### Description of PR
   
   The current aliyun-sdk-oss 3.13.0 is affected by 
[CVE-2021-33813](https://github.com/advisories/GHSA-2363-cqg2-863c) due to jdom 
2.0.6. aliyun-sdk-oss version 
[3.13.1](https://github.com/aliyun/aliyun-oss-java-sdk/releases/tag/3.13.1) has 
fixed it.
   
   ### How was this patch tested?
   
   Confirmed that it has been fixed in v3.13.1 with the following 
[patch](https://github.com/aliyun/aliyun-oss-java-sdk/pull/381)
   
   


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: common-issues-unsubscr...@hadoop.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org


Issue Time Tracking
-------------------

            Worklog Id:     (was: 718400)
    Remaining Estimate: 0h
            Time Spent: 10m

> Bump aliyun-sdk-oss to 3.13.1
> -----------------------------
>
>                 Key: HADOOP-18101
>                 URL: https://issues.apache.org/jira/browse/HADOOP-18101
>             Project: Hadoop Common
>          Issue Type: Bug
>            Reporter: Aswin Shakil Balasubramanian
>            Priority: Major
>          Time Spent: 10m
>  Remaining Estimate: 0h
>
> The current aliyun-sdk-oss 3.13.0 is affected by 
> [CVE-2021-33813|https://github.com/advisories/GHSA-2363-cqg2-863c] due to 
> jdom. Version [3.13.1 
> |https://github.com/aliyun/aliyun-oss-java-sdk/releases/tag/3.13.1]has fixed 
> it.
>  



--
This message was sent by Atlassian Jira
(v8.20.1#820001)

---------------------------------------------------------------------
To unsubscribe, e-mail: common-issues-unsubscr...@hadoop.apache.org
For additional commands, e-mail: common-issues-h...@hadoop.apache.org