Aman Raj created TEZ-4426:
-----------------------------
Summary: [CVE-2018-1000620] Upgrade cryptiles version from 2.0.5
to 4.1.2 to fix vulnerability
Key: TEZ-4426
URL: https://issues.apache.org/jira/browse/TEZ-4426
Project: Apache Tez
Issue Type: Sub-task
Reporter: Aman Raj
Versions of {{cryptiles}} prior to 4.1.2 are vulnerable to Insufficient
Entropy. The {{randomDigits()}} method does not provide sufficient entropy and
its generates digits that are not evenly distributed.
--
This message was sent by Atlassian Jira
(v8.20.7#820007)
