[jira] [Commented] (TEZ-3888) Update Jetty to org.eclipse.jetty 9.x

Gopal V (JIRA) Mon, 08 Oct 2018 13:11:21 -0700


    [ 
https://issues.apache.org/jira/browse/TEZ-3888?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16642405#comment-16642405
 ]


Gopal V commented on TEZ-3888:
------------------------------

bq. this is causing NoSuchMethod errors in HiveServer2.

Which version is this? 

Since the public interface for HS2 goes over HTTP, CVE-2009-1523 needs to go 
back in.


> Update Jetty to org.eclipse.jetty 9.x
> -------------------------------------
>
>                 Key: TEZ-3888
>                 URL: https://issues.apache.org/jira/browse/TEZ-3888
>             Project: Apache Tez
>          Issue Type: Improvement
>            Reporter: Eric Wohlstadter
>            Assignee: Eric Wohlstadter
>            Priority: Major
>             Fix For: 0.9.2
>
>         Attachments: TEZ-3888.1.patch
>
>
> mortbay Jetty 6 is no longer supported and has multiple CVEs.
> Tez can't be used in scenarios where compliance against vulnerability 
> scanning tools is required.



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

[jira] [Commented] (TEZ-3888) Update Jetty to org.eclipse.jetty 9.x

Reply via email to