[
https://issues.apache.org/jira/browse/HADOOP-18350?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17571833#comment-17571833
]
Bilna edited comment on HADOOP-18350 at 7/27/22 10:35 AM:
----------------------------------------------------------
Thanks [[email protected]]
There are CVEs on io.netty dependencies which is again comes through
aws-java-sdk-bundle.
So will that be taken care of?
was (Author: JIRAUSER293110):
Thanks [[email protected]]
> Support for hadoop-aws with aws-java-sdk-bundle with version greater than
> 1.12.220
> ----------------------------------------------------------------------------------
>
> Key: HADOOP-18350
> URL: https://issues.apache.org/jira/browse/HADOOP-18350
> Project: Hadoop Common
> Issue Type: Wish
> Components: fs/s3
> Reporter: Bilna
> Priority: Major
>
> There are CVEs like CVE-2021-37137 and many, listed from
> aws-java-sdk-bundle with version 1.11.375 and the fix is available in
> versions higher than 1.12.220. It will be great if we have a hadoop-aws with
> aws-java-sdk-bundle.jar with latest version. Will you be able to provide the
> same? If so may I know approximately when can I expect it?
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
