[jira] [Updated] (HDDS-10588) Upgrade the hadoop-shaded-guava version (1.1.1 -> 1.2.0)

Attila Doroszlai (Jira) Wed, 27 Mar 2024 08:30:04 -0700


     [ 
https://issues.apache.org/jira/browse/HDDS-10588?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]


Attila Doroszlai updated HDDS-10588:
------------------------------------
    Issue Type: Task  (was: Improvement)

> Upgrade the hadoop-shaded-guava version (1.1.1 -> 1.2.0)
> --------------------------------------------------------
>
>                 Key: HDDS-10588
>                 URL: https://issues.apache.org/jira/browse/HDDS-10588
>             Project: Apache Ozone
>          Issue Type: Task
>    Affects Versions: 1.5.0
>            Reporter: Vyacheslav Tutrinov
>            Assignee: Vyacheslav Tutrinov
>            Priority: Minor
>              Labels: pull-request-available
>             Fix For: 1.5.0
>
>
> The hadoop-shaded-guava library (version of 1.1.1) depends on guava of the 
> version 30.1.1 that has a vulnerability - 
> https://nvd.nist.gov/vuln/detail/CVE-2023-2976. A newer version of the 
> hadoop-shaded-guava (1.2.0) depends from a newer version of the guava - 
> 32.0.1 - that hasn't the CVE



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]

[jira] [Updated] (HDDS-10588) Upgrade the hadoop-shaded-guava version (1.1.1 -> 1.2.0)

Reply via email to