[
https://issues.apache.org/jira/browse/HADOOP-18962?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17849178#comment-17849178
]
ASF GitHub Bot commented on HADOOP-18962:
-----------------------------------------
fuchaohong commented on code in PR #6247:
URL: https://github.com/apache/hadoop/pull/6247#discussion_r1612880528
##########
LICENSE-binary:
##########
@@ -376,7 +376,7 @@
hadoop-common-project/hadoop-common/src/main/native/src/org/apache/hadoop/io/com
hadoop-hdfs-project/hadoop-hdfs-native-client/src/main/native/fuse-dfs/util/tree.h
hadoop-yarn-project/hadoop-yarn/hadoop-yarn-server/hadoop-yarn-server-nodemanager/src/main/native/container-executor/impl/compat/{fstatat|openat|unlinkat}.h
-com.github.luben:zstd-jni:1.4.9-1
Review Comment:
Updated LICENSE-binary based on the following result.
`$mvn dependency:tree -pl hadoop-tools/hadoop-kafka\n
...
[INFO] +- org.apache.kafka:kafka-clients:jar:3.4.0:compile
[INFO] | +- com.github.luben:zstd-jni:jar:1.5.2-1:runtime
[INFO] | \- org.lz4:lz4-java:jar:1.7.1:runtime
`
it's right, org.lz4:lz4-java does not require updates.
> Upgrade kafka to 3.4.0
> ----------------------
>
> Key: HADOOP-18962
> URL: https://issues.apache.org/jira/browse/HADOOP-18962
> Project: Hadoop Common
> Issue Type: Bug
> Reporter: D M Murali Krishna Reddy
> Assignee: D M Murali Krishna Reddy
> Priority: Major
> Labels: pull-request-available
>
> Upgrade kafka-clients to 3.4.0 to fix
> https://nvd.nist.gov/vuln/detail/CVE-2023-25194
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
