[
https://issues.apache.org/jira/browse/HADOOP-18198?focusedWorklogId=758452&page=com.atlassian.jira.plugin.system.issuetabpanels:worklog-tabpanel#worklog-758452
]
ASF GitHub Bot logged work on HADOOP-18198:
-------------------------------------------
Author: ASF GitHub Bot
Created on: 19/Apr/22 13:05
Start Date: 19/Apr/22 13:05
Worklog Time Spent: 10m
Work Description: steveloughran opened a new pull request, #4202:
URL: https://github.com/apache/hadoop/pull/4202
Adds the 3.3.2 jdiff files which were left out of the
release commit...the ones the release doc didn't mention.
This is needed for the 3.3.3 build to complete.
### How was this patch tested?
this is a working branch to sync between my dev machine and the machine
running create-release;
testing in progress.
### For code changes:
- [ ] Does the title or this PR starts with the corresponding JIRA issue id
(e.g. 'HADOOP-17799. Your PR title ...')?
- [ ] Object storage: have the integration tests been executed and the
endpoint declared according to the connector-specific documentation?
- [ ] If adding new dependencies to the code, are these dependencies
licensed in a way that is compatible for inclusion under [ASF
2.0](http://www.apache.org/legal/resolved.html#category-a)?
- [ ] If applicable, have you updated the `LICENSE`, `LICENSE-binary`,
`NOTICE-binary` files?
Issue Time Tracking
-------------------
Worklog Id: (was: 758452)
Time Spent: 50m (was: 40m)
> Release Hadoop 3.3.3: hadoop-3.3.2 with some fixes
> --------------------------------------------------
>
> Key: HADOOP-18198
> URL: https://issues.apache.org/jira/browse/HADOOP-18198
> Project: Hadoop Common
> Issue Type: Task
> Components: build
> Affects Versions: 3.3.2
> Reporter: Steve Loughran
> Assignee: Steve Loughran
> Priority: Major
> Labels: pull-request-available
> Time Spent: 50m
> Remaining Estimate: 0h
>
> Hadoop 3.3.3 is a minor followup release to Hadoop 3.3.2 with all the
> incremental changes which went in to the 3.2.4 release
> * minor CVE fixes in Hadoop source
> * CVE fixes in dependencies we know of (protobuf unmarshalling leading to DoS)
> * replacement of log4j 1.2.17 to reload4j
> * node.js update
> This is not a release off branch-3.3, it is a fork of 3.3.2 with the changes.
> The next release of branch-3.3 will be numbered hadoop-3.4; updating maven
> versions and JIRA fix versions is part of this release process.
> The changes here are already in branch 3.2.4; this completes the set
> CVEs fixed
> * CVE-2022-26612: Apache Hadoop: Arbitrary file write in
> FileUtil#unpackEntries on Windows (HADOOP-18155)
--
This message was sent by Atlassian Jira
(v8.20.7#820007)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
