iwasakims commented on code in PR #4506:
URL: https://github.com/apache/hadoop/pull/4506#discussion_r907956267
##########
hadoop-project/pom.xml:
##########
@@ -1687,8 +1699,19 @@
<groupId>jdk.tools</groupId>
<artifactId>jdk.tools</artifactId>
</exclusion>
+ <!-- replace htrace-core with hbase-noop-htrace for CVE-2018-7489 -->
+ <exclusion>
+ <groupId>org.apache.htrace</groupId>
+ <artifactId>htrace-core</artifactId>
+ </exclusion>
</exclusions>
</dependency>
+ <!-- replace htrace-core with hbase-noop-htrace for CVE-2018-7489 -->
+ <dependency>
+ <groupId>org.apache.hbase.thirdparty</groupId>
+ <artifactId>hbase-noop-htrace</artifactId>
+ <version>4.1.1</version>
Review Comment:
This looks based on HTrace 4 which is completely incompatible with HTrace 3.
(like org.apache.htrace vs. org.apache.htrace.core). Did you see no issue on
running timelineservice with this?
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
