[
https://issues.apache.org/jira/browse/HADOOP-18760?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17730920#comment-17730920
]
Steve Loughran commented on HADOOP-18760:
-----------------------------------------
we need to get an aws sdk update in too, because of a netty cve.
I think that means that netty itself is going to need upgrading....
> 3.3.6 Release NOTICE and LICENSE file update
> --------------------------------------------
>
> Key: HADOOP-18760
> URL: https://issues.apache.org/jira/browse/HADOOP-18760
> Project: Hadoop Common
> Issue Type: Task
> Affects Versions: 3.3.6
> Reporter: Wei-Chiu Chuang
> Assignee: Wei-Chiu Chuang
> Priority: Blocker
>
> As far as I can tell looking at hadoop-project/pom.xml the only difference
> between 3.3.5 and 3.3.6 from a dependency point of view is mysql connector
> (HADOOP-18535) derby (HADOOP-18535, HADOOP-18693).
> Json-smart, snakeyaml and jetty, jettison are updated in LICENSE-binary
> already. grizzly was used in test scope only so its removal doesn't matter.
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
