[
https://issues.apache.org/jira/browse/CAMEL-18246?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Alex Dettinger updated CAMEL-18246:
-----------------------------------
Description:
It relates to
[CAMEL-QUARKUS-3763.|https://github.com/apache/camel-quarkus/issues/3763]
hdfs could be upgraded to 3.3.3, so that's ok.
However, hbase can't be updated to hadoop-common 2.10.2 as some tests fail.
Plus we are not sure whether 2.10.2 is really safer (HADOOP-18155).
was:
It relates to
[CAMEL-QUARKUS-3763|https://github.com/apache/camel-quarkus/issues/3763] where
hbase and hdfs are affected by
|CVE-2022-26612|https://nvd.nist.gov/vuln/detail/CVE-2022-26612].
According to HADOOP-18155, we need to upgrade to
org.apache.hadoop:hadoop-common >= 2.10.2, 3.2.3, 3.3.3, 3.4.0.
> CVE-2022-26612: Upgrade hadoop-common >= 3.3.3
> ----------------------------------------------
>
> Key: CAMEL-18246
> URL: https://issues.apache.org/jira/browse/CAMEL-18246
> Project: Camel
> Issue Type: Dependency upgrade
> Reporter: Alex Dettinger
> Assignee: Alex Dettinger
> Priority: Major
> Fix For: 3.18.1, 3.19.0
>
>
> It relates to
> [CAMEL-QUARKUS-3763.|https://github.com/apache/camel-quarkus/issues/3763]
> hdfs could be upgraded to 3.3.3, so that's ok.
> However, hbase can't be updated to hadoop-common 2.10.2 as some tests fail.
> Plus we are not sure whether 2.10.2 is really safer (HADOOP-18155).
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
