[ https://issues.apache.org/jira/browse/HBASE-25568?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17308983#comment-17308983 ]
Hudson commented on HBASE-25568: -------------------------------- Results for branch branch-2.2 [build #196 on builds.a.o|https://ci-hadoop.apache.org/job/HBase/job/HBase%20Nightly/job/branch-2.2/196/]: (x) *{color:red}-1 overall{color}* ---- details (if available): (/) {color:green}+1 general checks{color} -- For more information [see general report|https://ci-hadoop.apache.org/job/HBase/job/HBase%20Nightly/job/branch-2.2/196//General_Nightly_Build_Report/] (/) {color:green}+1 jdk8 hadoop2 checks{color} -- For more information [see jdk8 (hadoop2) report|https://ci-hadoop.apache.org/job/HBase/job/HBase%20Nightly/job/branch-2.2/196//JDK8_Nightly_Build_Report_(Hadoop2)/] (/) {color:green}+1 jdk8 hadoop3 checks{color} -- For more information [see jdk8 (hadoop3) report|https://ci-hadoop.apache.org/job/HBase/job/HBase%20Nightly/job/branch-2.2/196//JDK8_Nightly_Build_Report_(Hadoop3)/] (/) {color:green}+1 source release artifact{color} -- See build output for details. (x) {color:red}-1 client integration test{color} --Failed when running client tests on top of Hadoop 2. [see log for details|https://ci-hadoop.apache.org/job/HBase/job/HBase%20Nightly/job/branch-2.2/196//artifact/output-integration/hadoop-2.log]. (note that this means we didn't run on Hadoop 3) > Upgrade Thrift jar to fix CVE-2020-13949 > ---------------------------------------- > > Key: HBASE-25568 > URL: https://issues.apache.org/jira/browse/HBASE-25568 > Project: HBase > Issue Type: Bug > Components: Thrift > Reporter: Pankaj Kumar > Assignee: Pankaj Kumar > Priority: Critical > Fix For: 3.0.0-alpha-1, 2.2.7, 2.3.5, 2.4.3 > > > There is potential DoS when processing untrusted Thrift payloads, > https://seclists.org/oss-sec/2021/q1/140 -- This message was sent by Atlassian Jira (v8.3.4#803005)