[ https://issues.apache.org/jira/browse/IMPALA-9649?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
David Knupp reopened IMPALA-9649: --------------------------------- > Exclude shiro-crypto-core and shiro-core jars from maven download > ----------------------------------------------------------------- > > Key: IMPALA-9649 > URL: https://issues.apache.org/jira/browse/IMPALA-9649 > Project: IMPALA > Issue Type: Bug > Components: Frontend > Affects Versions: Impala 4.0 > Reporter: David Knupp > Assignee: David Knupp > Priority: Major > Fix For: Impala 4.0 > > > These jars have known security vulnerabilities. They are included as part of > Sentry, and are not used by Impala directly. > There's a currently a plan to remove Sentry altogether, but since will > require non-trivial effort, until that time, let's exclude these items from > the maven download. -- This message was sent by Atlassian Jira (v8.3.4#803005) --------------------------------------------------------------------- To unsubscribe, e-mail: issues-all-unsubscr...@impala.apache.org For additional commands, e-mail: issues-all-h...@impala.apache.org