[
https://issues.apache.org/jira/browse/SENTRY-1997?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Colm O hEigeartaigh updated SENTRY-1997:
----------------------------------------
Attachment: SENTRY-1997.patch
Here is a patch for this issue, which includes the update as well as switching
the tests to use the new Jetty Server instead of Tomcat. It was quite tricky to
resolve, I had to work around 2 issues in Sqoop which I have submitted patches
for:
https://issues.apache.org/jira/browse/SQOOP-3250
https://issues.apache.org/jira/browse/SQOOP-3251
Tested successfully with a deployment as well.
> Bump sqoop dependency version to 1.99.7
> ---------------------------------------
>
> Key: SENTRY-1997
> URL: https://issues.apache.org/jira/browse/SENTRY-1997
> Project: Sentry
> Issue Type: Bug
> Components: Sentry
> Affects Versions: 2.0.0
> Reporter: kalyan kumar kalvagadda
> Assignee: Colm O hEigeartaigh
> Priority: Major
> Fix For: 2.0.0
>
> Attachments: SENTRY-1997.patch
>
>
> A CVE security issue exists on our current SQOOP dependency 1.99.7
> SeeCVE-2009-4269 (H),CVE-2005-4849 (H)
> We should bump the version to the latest one that is 1.99.7
--
This message was sent by Atlassian JIRA
(v6.4.14#64029)
