[
https://issues.apache.org/jira/browse/PARQUET-1367?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16567049#comment-16567049
]
ASF GitHub Bot commented on PARQUET-1367:
-----------------------------------------
mattdarwin opened a new pull request #508: PARQUET-1367 upgrade a few libs for
security reasons
URL: https://github.com/apache/parquet-mr/pull/508
There are a number of libraries which need updating. Among other reasons,
there are [several security issues filed in CVE for
Hadoop|https://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=hadoop|https://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=hadoop]
and [guava](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10237)
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
us...@infra.apache.org
> upgrade libraries to work around security issues
> ------------------------------------------------
>
> Key: PARQUET-1367
> URL: https://issues.apache.org/jira/browse/PARQUET-1367
> Project: Parquet
> Issue Type: Bug
> Components: parquet-mr
> Affects Versions: 1.10.0
> Reporter: Matt Darwin
> Priority: Major
> Labels: pull-request-available, security
> Original Estimate: 1h
> Remaining Estimate: 1h
>
> There are a number of libraries which need updating. Among other reasons,
> there are [several security issues filed in CVE for
> Hadoop|[https://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=hadoop]|https://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=hadoop]
> and [guava](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10237)
>
>
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
