[jira] [Commented] (TEZ-4083) Upgrade to latest Jetty version

Wei-Chiu Chuang (Jira) Thu, 17 Oct 2019 13:16:19 -0700


    [ 
https://issues.apache.org/jira/browse/TEZ-4083?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16954081#comment-16954081
 ]


Wei-Chiu Chuang commented on TEZ-4083:
--------------------------------------

I am going to commit HADOOP-16152 into Hadoop 3.3.0 release and lower 3.x 
branches. Watch out as that commit will break Tez.

> Upgrade to latest Jetty version
> -------------------------------
>
>                 Key: TEZ-4083
>                 URL: https://issues.apache.org/jira/browse/TEZ-4083
>             Project: Apache Tez
>          Issue Type: Improvement
>            Reporter: Daniel Velasquez
>            Priority: Major
>         Attachments: TEZ-4083.01.patch
>
>
> Jetty 9.3.24.v20180605 has security vulnerabilities where the server is 
> vulnerable to XSS conditions.
> [https://www.cvedetails.com/cve/CVE-2019-10241/]
>  



--
This message was sent by Atlassian Jira
(v8.3.4#803005)

[jira] [Commented] (TEZ-4083) Upgrade to latest Jetty version

Reply via email to