tanishqchugh created HIVE-28435:
-----------------------------------
Summary: Upgrade cron-utils to 9.2.1
Key: HIVE-28435
URL: https://issues.apache.org/jira/browse/HIVE-28435
Project: Hive
Issue Type: Task
Reporter: tanishqchugh
Assignee: tanishqchugh
Cron-utils v9.1.6 requires org.glassfish:javax.el v3.0.0 as a compile time
dependency. javax.el artifact was moved to jakarta.el. All versions upto and
including 3.0.3 for jakarta.el artifact is affected by [CVE-2021-28170
|[https://nvd.nist.gov/vuln/detail/CVE-2021-28170].]
Upgrade cron-utils to 9.2.1 to get rid of CVE-2021-28170 as this upgrade would
remove transitive usage of javax.el
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
