[
https://issues.apache.org/jira/browse/HADOOP-18622?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17685286#comment-17685286
]
Aleksandr Nikolaev edited comment on HADOOP-18622 at 2/7/23 12:47 PM:
----------------------------------------------------------------------
[~groot] This CVE in Apache Ant 1.10.11 is listed on the page
[mvnrepositiry|https://mvnrepository.com/artifact/org.apache.ant/ant/1.10.11]
I don't think this update will have a serious impact on security or problems
during assembly, I just wanted to look at the process of the contributor in
Apache Hadoop and possibly continue working on other existing CVE, as well as
analyzing them in the future.
was (Author: aonikolaev):
[~groot] This CVE in Apache Ant 1.10.11 is listed on the page
[mvnrepositiry|https://mvnrepository.com/artifact/org.apache.ant/ant/1.10.11]
> Upgrade ant to 1.10.13
> ----------------------
>
> Key: HADOOP-18622
> URL: https://issues.apache.org/jira/browse/HADOOP-18622
> Project: Hadoop Common
> Issue Type: Improvement
> Reporter: Aleksandr Nikolaev
> Assignee: Ashutosh Gupta
> Priority: Major
> Labels: pull-request-available
> Fix For: 3.4.0, 3.3.5
>
>
> lnerabilities reported in org.apache.ant:ant:1.10.11
> *
> [CVE-2022-23437|https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23437]
> *
> [CVE-2020-14338|https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14338]
> suggested: org.apache.ant:ant ~> 1.10.13
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
