[ https://issues.apache.org/jira/browse/TEZ-4114?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17030003#comment-17030003 ]
Siyao Meng edited comment on TEZ-4114 at 2/4/20 5:21 PM: --------------------------------------------------------- [~jeagles] Thanks for your comment. It makes sense to use flags for maven. You're right we should use 9.4.20 here. I mixed up with our internal release's (CDH) jetty version. My bad. Side note: usually in Hadoop, dependencies are only upgraded when there's a CVE for the existing one. So upstream Hadoop will stay for 9.4.20 for a while unless there are other reasons to upgrade. was (Author: smeng): [~jeagles] Thanks for your comment. It makes sense to use flags for maven. You're right we should use 9.4.20 here. I got myself mixed up with our internal release's (CDH) jetty version. My bad. Side note: usually in Hadoop, dependencies are only upgraded when there's a CVE for the existing one. So upstream Hadoop will stay for 9.4.20 for a while unless there are other reasons to upgrade. > Upgrade to Jetty 9.4 > -------------------- > > Key: TEZ-4114 > URL: https://issues.apache.org/jira/browse/TEZ-4114 > Project: Apache Tez > Issue Type: Bug > Reporter: László Bodor > Assignee: László Bodor > Priority: Major > Attachments: TEZ-4114.01.patch, TEZ-4114.02.patch > > > Hadoop already did it in: https://issues.apache.org/jira/browse/HADOOP-16152 > Hive: "in progress", only abandoned jiras > https://issues.apache.org/jira/browse/HIVE-21961 > https://issues.apache.org/jira/browse/HIVE-21211 -- This message was sent by Atlassian Jira (v8.3.4#803005)