[jira] [Updated] (HADOOP-17220) Upgrade slf4j to 1.7.30 ( To Address: CVE-2018-8088)

Shilun Fan (Jira) Sun, 11 Feb 2024 05:02:05 -0800


     [ 
https://issues.apache.org/jira/browse/HADOOP-17220?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]


Shilun Fan updated HADOOP-17220:
--------------------------------
          Component/s: build
                       common
     Target Version/s: 3.3.1, 3.4.0
    Affects Version/s: 3.3.1
                       3.4.0

> Upgrade slf4j to 1.7.30 ( To Address: CVE-2018-8088)
> ----------------------------------------------------
>
>                 Key: HADOOP-17220
>                 URL: https://issues.apache.org/jira/browse/HADOOP-17220
>             Project: Hadoop Common
>          Issue Type: Bug
>          Components: build, common
>    Affects Versions: 3.3.1, 3.4.0
>            Reporter: Brahma Reddy Battula
>            Assignee: Brahma Reddy Battula
>            Priority: Major
>             Fix For: 3.3.1, 3.4.0
>
>         Attachments: HADOOP-17220-001.patch
>
>
> To address the following CVE, upgrade the slf4j to latest stable release 
> 1.7.30.
> [https://nvd.nist.gov/vuln/detail/CVE-2018-8088]
>  
> Note: We don't use EventData but should consider upgrading.



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]

[jira] [Updated] (HADOOP-17220) Upgrade slf4j to 1.7.30 ( To Address: CVE-2018-8088)

Reply via email to