[jira] [Commented] (TEZ-4083) Upgrade to latest 9.4.x Jetty version

Wei-Chiu Chuang (Jira) Fri, 25 Oct 2019 09:36:39 -0700


    [ 
https://issues.apache.org/jira/browse/TEZ-4083?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16959911#comment-16959911
 ]


Wei-Chiu Chuang commented on TEZ-4083:
--------------------------------------

Does Tez support multiple versions of Hadoop? Doesn't look like so from the 
pom.xml

> Upgrade to latest 9.4.x Jetty version
> -------------------------------------
>
>                 Key: TEZ-4083
>                 URL: https://issues.apache.org/jira/browse/TEZ-4083
>             Project: Apache Tez
>          Issue Type: Improvement
>            Reporter: Daniel Velasquez
>            Assignee: László Bodor
>            Priority: Major
>         Attachments: TEZ-4083.01.patch
>
>
> Jetty 9.3.24.v20180605 has security vulnerabilities where the server is 
> vulnerable to XSS conditions.
> [https://www.cvedetails.com/cve/CVE-2019-10241/]
>  



--
This message was sent by Atlassian Jira
(v8.3.4#803005)

[jira] [Commented] (TEZ-4083) Upgrade to latest 9.4.x Jetty version

Reply via email to