[ https://issues.apache.org/jira/browse/PARQUET-1367?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16567049#comment-16567049 ]
ASF GitHub Bot commented on PARQUET-1367: ----------------------------------------- mattdarwin opened a new pull request #508: PARQUET-1367 upgrade a few libs for security reasons URL: https://github.com/apache/parquet-mr/pull/508 There are a number of libraries which need updating. Among other reasons, there are [several security issues filed in CVE for Hadoop|https://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=hadoop|https://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=hadoop] and [guava](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10237) ---------------------------------------------------------------- This is an automated message from the Apache Git Service. To respond to the message, please log on GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: us...@infra.apache.org > upgrade libraries to work around security issues > ------------------------------------------------ > > Key: PARQUET-1367 > URL: https://issues.apache.org/jira/browse/PARQUET-1367 > Project: Parquet > Issue Type: Bug > Components: parquet-mr > Affects Versions: 1.10.0 > Reporter: Matt Darwin > Priority: Major > Labels: pull-request-available, security > Original Estimate: 1h > Remaining Estimate: 1h > > There are a number of libraries which need updating. Among other reasons, > there are [several security issues filed in CVE for > Hadoop|[https://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=hadoop]|https://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=hadoop] > and [guava](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10237) > > -- This message was sent by Atlassian JIRA (v7.6.3#76005)