[
https://issues.apache.org/jira/browse/DRILL-8164?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17505231#comment-17505231
]
ASF GitHub Bot commented on DRILL-8164:
---------------------------------------
luocooong opened a new pull request #2493:
URL: https://github.com/apache/drill/pull/2493
# [DRILL-8164](https://issues.apache.org/jira/browse/DRILL-8164): Upgrade
metadata-extractor because of CVE-2022-24613
## Description
Also included the DRILL-8165 (Upgrade liquibase because of CVE-2022-0839).
Please note that we should replace the `DatabaseFactory.getInstance()` with
`Scope.getCurrentScope().getSingleton(DatabaseFactory.class)` once the
following issue is resolved.
https://github.com/liquibase/liquibase/issues/2349
## Documentation
N/A
## Testing
Use the CI.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
> Upgrade metadata-extractor because of CVE-2022-24613
> ----------------------------------------------------
>
> Key: DRILL-8164
> URL: https://issues.apache.org/jira/browse/DRILL-8164
> Project: Apache Drill
> Issue Type: Task
> Affects Versions: 1.20.0
> Reporter: Cong Luo
> Assignee: Cong Luo
> Priority: Major
>
> Please note that the *metadata-extractor* is only used for format-image, so
> we should not define the version in the root *pom.xml* file.
--
This message was sent by Atlassian Jira
(v8.20.1#820001)
