[ https://issues.apache.org/jira/browse/HADOOP-18309?focusedWorklogId=784386&page=com.atlassian.jira.plugin.system.issuetabpanels:worklog-tabpanel#worklog-784386 ]
ASF GitHub Bot logged work on HADOOP-18309: ------------------------------------------- Author: ASF GitHub Bot Created on: 24/Jun/22 00:12 Start Date: 24/Jun/22 00:12 Worklog Time Spent: 10m Work Description: aajisaka commented on PR #4479: URL: https://github.com/apache/hadoop/pull/4479#issuecomment-1165034064 Thank you @ashutoshcipher for the contribution and thank you @iwasakims for testing and merging the PR. Issue Time Tracking ------------------- Worklog Id: (was: 784386) Time Spent: 40m (was: 0.5h) > Upgrade bundled Tomcat to 8.5.76 or higher > ------------------------------------------ > > Key: HADOOP-18309 > URL: https://issues.apache.org/jira/browse/HADOOP-18309 > Project: Hadoop Common > Issue Type: Improvement > Components: httpfs, kms > Affects Versions: 2.10.1, 2.10.2 > Reporter: Ashutosh Gupta > Assignee: Ashutosh Gupta > Priority: Major > Labels: pull-request-available > Fix For: 2.10.3 > > Time Spent: 40m > Remaining Estimate: 0h > > Currently we are using 8.5.75 which is affected by > {color:#222233}CVE-2022-25762{color} > More Details - > [https://lists.apache.org/thread/qzkqh2819x6zsmj7vwdf14ng2fdgckw7] > Lets upgrade 8.5.76 or higher > > -- This message was sent by Atlassian Jira (v8.20.7#820007) --------------------------------------------------------------------- To unsubscribe, e-mail: common-issues-unsubscr...@hadoop.apache.org For additional commands, e-mail: common-issues-h...@hadoop.apache.org