phoebe chen created HADOOP-18333: ------------------------------------ Summary: hadoop-client-runtime impact by CVE-2022-2047 due to shaded jetty Key: HADOOP-18333 URL: https://issues.apache.org/jira/browse/HADOOP-18333 Project: Hadoop Common Issue Type: Improvement Affects Versions: 3.3.3 Reporter: phoebe chen
CVE-2022-2047 is recently found for Eclipse Jetty, and impacts 9.4.0 thru 9.4.46. In latest 3.3.3 of hadoop-client-runtime, it shaded 9.4.43.v20210629 version jetty which is impacted. In Trunch, Jetty is in version 9.4.44.v20210927, which is still impacted. Need to upgrade Jetty Version. -- This message was sent by Atlassian Jira (v8.20.10#820010) --------------------------------------------------------------------- To unsubscribe, e-mail: common-issues-unsubscr...@hadoop.apache.org For additional commands, e-mail: common-issues-h...@hadoop.apache.org