[
https://issues.apache.org/jira/browse/HADOOP-19791?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=18055418#comment-18055418
]
ASF GitHub Bot commented on HADOOP-19791:
-----------------------------------------
shub-est commented on PR #8213:
URL: https://github.com/apache/hadoop/pull/8213#issuecomment-3823220925
Hi @steveloughran @pjfanning, thank you for reviewing the PR.
Is it okay to use this PR and ticket to upgrade the Protobuf Java and Guava
across the entire project while also removing the CVE?
Alternatively, I can create a separate PR just upgrading Protobuf and Guava
across the entire project.
Appreciate your guidance here, thanks
> Upgrade Google Cloud Storage to remediate CVEs
> ----------------------------------------------
>
> Key: HADOOP-19791
> URL: https://issues.apache.org/jira/browse/HADOOP-19791
> Project: Hadoop Common
> Issue Type: Task
> Components: cloud-storage, fs/gcs, hadoop-thirdparty
> Affects Versions: 3.4.2
> Reporter: Shubham Kalloli
> Priority: Major
> Labels: pull-request-available
> Attachments: report.html
>
>
> Upgrading Google Cloud Storage from 2.52.0 to 2.62.0 to remediate
> CVE-2025-55163
> Updating Guava and Protobuf to prevent conflicts
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
