[
https://issues.apache.org/jira/browse/HADOOP-18198?focusedWorklogId=758388&page=com.atlassian.jira.plugin.system.issuetabpanels:worklog-tabpanel#worklog-758388
]
ASF GitHub Bot logged work on HADOOP-18198:
-------------------------------------------
Author: ASF GitHub Bot
Created on: 19/Apr/22 10:40
Start Date: 19/Apr/22 10:40
Worklog Time Spent: 10m
Work Description: steveloughran closed pull request #4164: HADOOP-18198.
patch chain for Hadoop 3.3.3
URL: https://github.com/apache/hadoop/pull/4164
Issue Time Tracking
-------------------
Worklog Id: (was: 758388)
Time Spent: 40m (was: 0.5h)
> Release Hadoop 3.3.3: hadoop-3.3.2 with some fixes
> --------------------------------------------------
>
> Key: HADOOP-18198
> URL: https://issues.apache.org/jira/browse/HADOOP-18198
> Project: Hadoop Common
> Issue Type: Task
> Components: build
> Affects Versions: 3.3.2
> Reporter: Steve Loughran
> Assignee: Steve Loughran
> Priority: Major
> Labels: pull-request-available
> Time Spent: 40m
> Remaining Estimate: 0h
>
> Hadoop 3.3.3 is a minor followup release to Hadoop 3.3.2 with all the
> incremental changes which went in to the 3.2.4 release
> * minor CVE fixes in Hadoop source
> * CVE fixes in dependencies we know of (protobuf unmarshalling leading to DoS)
> * replacement of log4j 1.2.17 to reload4j
> * node.js update
> This is not a release off branch-3.3, it is a fork of 3.3.2 with the changes.
> The next release of branch-3.3 will be numbered hadoop-3.4; updating maven
> versions and JIRA fix versions is part of this release process.
> The changes here are already in branch 3.2.4; this completes the set
> CVEs fixed
> * CVE-2022-26612: Apache Hadoop: Arbitrary file write in
> FileUtil#unpackEntries on Windows (HADOOP-18155)
--
This message was sent by Atlassian Jira
(v8.20.1#820001)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
