[
https://issues.apache.org/jira/browse/HBASE-29318?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Nihal Jain updated HBASE-29318:
-------------------------------
Description:
JRuby 9.4.12.1 has been released on May 07 2025. This release drops moderate
jruby-openssl CVE: [CVE-2025-46551 and
GHSA-72qj-48g4-5xgx|https://github.com/jruby/jruby-openssl/security/advisories/GHSA-72qj-48g4-5xgx]
[ |https://github.com/advisories/GHSA-2rxp-v6pw-ch6m]from our classpath.
Also its been a while we bumped to latest JRuby. See release notes containing
details about several other bugs fixes / improvements since release 9.4.9.0 as
below:
* [https://www.jruby.org/2025/01/21/jruby-9-4-10-0.html]
* [https://www.jruby.org/2025/01/29/jruby-9-4-11-0.html]
* [https://www.jruby.org/2025/02/11/jruby-9-4-12-0.html]
* [https://www.jruby.org/2025/05/07/jruby-9-4-12-1.html]
Note: JRuby 9.4.12.x preserves Ruby 3.1 compatibility as previous version!
Also, this will fix an issue report by [~junegunn] in
https://github.com/apache/hbase/pull/6997
{quote}
I needed this badly as 9.4.9.0 had a performance problem in IRB where pasting
clipboard content is extremely slow. The problem was fixed in 9.4.10.0
(probably by jruby/jruby@1c871a3). See the video below:
irb-perf.mp4
echo {1..30} | pbcopy
bin/hbase shell
mise x ruby@jruby-9.4.9.0 -- irb
mise x ruby@jruby-9.4.10.0 -- irb{quote}
was:
JRuby 9.4.12.1 has been released on May 07 2025. This release drops moderate
jruby-openssl CVE: [CVE-2025-46551 and
GHSA-72qj-48g4-5xgx|https://github.com/jruby/jruby-openssl/security/advisories/GHSA-72qj-48g4-5xgx]
[ |https://github.com/advisories/GHSA-2rxp-v6pw-ch6m]from our classpath.
Also its been a while we bumped to latest JRuby. See release notes containing
details about several other bugs fixes / improvements since release 9.4.9.0 as
below:
* [https://www.jruby.org/2025/01/21/jruby-9-4-10-0.html]
* [https://www.jruby.org/2025/01/29/jruby-9-4-11-0.html]
* [https://www.jruby.org/2025/02/11/jruby-9-4-12-0.html]
* [https://www.jruby.org/2025/05/07/jruby-9-4-12-1.html]
Note: JRuby 9.4.12.x preserves Ruby 3.1 compatibility as previous version!
> Bump jruby to 9.4.12.1 to fix jruby-openssl CVEs
> ------------------------------------------------
>
> Key: HBASE-29318
> URL: https://issues.apache.org/jira/browse/HBASE-29318
> Project: HBase
> Issue Type: Bug
> Components: jruby, security, shell
> Reporter: Nihal Jain
> Assignee: Nihal Jain
> Priority: Major
> Labels: pull-request-available
> Fix For: 2.7.0, 3.0.0-beta-2
>
>
> JRuby 9.4.12.1 has been released on May 07 2025. This release drops moderate
> jruby-openssl CVE: [CVE-2025-46551 and
> GHSA-72qj-48g4-5xgx|https://github.com/jruby/jruby-openssl/security/advisories/GHSA-72qj-48g4-5xgx]
> [ |https://github.com/advisories/GHSA-2rxp-v6pw-ch6m]from our classpath.
> Also its been a while we bumped to latest JRuby. See release notes containing
> details about several other bugs fixes / improvements since release 9.4.9.0
> as below:
> * [https://www.jruby.org/2025/01/21/jruby-9-4-10-0.html]
> * [https://www.jruby.org/2025/01/29/jruby-9-4-11-0.html]
> * [https://www.jruby.org/2025/02/11/jruby-9-4-12-0.html]
> * [https://www.jruby.org/2025/05/07/jruby-9-4-12-1.html]
> Note: JRuby 9.4.12.x preserves Ruby 3.1 compatibility as previous version!
> Also, this will fix an issue report by [~junegunn] in
> https://github.com/apache/hbase/pull/6997
> {quote}
> I needed this badly as 9.4.9.0 had a performance problem in IRB where pasting
> clipboard content is extremely slow. The problem was fixed in 9.4.10.0
> (probably by jruby/jruby@1c871a3). See the video below:
> irb-perf.mp4
> echo {1..30} | pbcopy
> bin/hbase shell
> mise x ruby@jruby-9.4.9.0 -- irb
> mise x ruby@jruby-9.4.10.0 -- irb{quote}
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
