[jira] [Commented] (SENTRY-1997) Bump sqoop dependency version to 1.99.7

Colm O hEigeartaigh (JIRA) Wed, 18 Oct 2017 07:12:19 -0700

    [ 
https://issues.apache.org/jira/browse/SENTRY-1997?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16209387#comment-16209387
 ]


Colm O hEigeartaigh commented on SENTRY-1997:
---------------------------------------------

I think we need to wait until Sentry picks up Jetty9 first for this one, as the 
Sqoop 1.99.7 Jetty test code does not use Jetty 8.x.

> Bump sqoop dependency version to 1.99.7
> ---------------------------------------
>
>                 Key: SENTRY-1997
>                 URL: https://issues.apache.org/jira/browse/SENTRY-1997
>             Project: Sentry
>          Issue Type: Bug
>          Components: Sentry
>    Affects Versions: 2.0.0
>            Reporter: kalyan kumar kalvagadda
>
> A CVE security issue exists on our current SQOOP dependency 1.99.7
> SeeCVE-2009-4269 (H),CVE-2005-4849 (H)
> We should bump the version to the latest one that is 1.99.7



--
This message was sent by Atlassian JIRA
(v6.4.14#64029)

[jira] [Commented] (SENTRY-1997) Bump sqoop dependency version to 1.99.7

Reply via email to