[
https://issues.apache.org/jira/browse/HIVE-26829?focusedWorklogId=835797&page=com.atlassian.jira.plugin.system.issuetabpanels:worklog-tabpanel#worklog-835797
]
ASF GitHub Bot logged work on HIVE-26829:
-----------------------------------------
Author: ASF GitHub Bot
Created on: 27/Dec/22 21:53
Start Date: 27/Dec/22 21:53
Worklog Time Spent: 10m
Work Description: cnauroth commented on PR #3878:
URL: https://github.com/apache/hive/pull/3878#issuecomment-1366198095
Hello @brahmareddybattula . I reviewed Avro release notes between 1.9.2 and
1.11.0. I didn't find any mention of backward-incompatible changes, though I
don't know if that's a definitive answer.
Hadoop noticed a potential incompatibility in the upgrade from 1.8.2. to
1.9.0, documented in
[HADOOP-13386](https://issues.apache.org/jira/browse/HADOOP-13386). I'm
wondering if the testing mentioned by @Aggarwal-Raghav is sufficient to show
the upgrade is safe?
While researching, I noticed that Avro has released 1.11.1, so if we can
confirm the upgrade is safe, then perhaps we want to jump to that.
Issue Time Tracking
-------------------
Worklog Id: (was: 835797)
Time Spent: 50m (was: 40m)
> Upgrade avro to 1.11.0
> ----------------------
>
> Key: HIVE-26829
> URL: https://issues.apache.org/jira/browse/HIVE-26829
> Project: Hive
> Issue Type: Improvement
> Affects Versions: 4.0.0-alpha-2
> Reporter: Raghav Aggarwal
> Assignee: Raghav Aggarwal
> Priority: Major
> Labels: pull-request-available
> Time Spent: 50m
> Remaining Estimate: 0h
>
> To address this CVE-2021-43045, avro needs to be upgraded to 1.11.0
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
