[
https://issues.apache.org/jira/browse/TEZ-4429?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17555114#comment-17555114
]
László Bodor commented on TEZ-4429:
-----------------------------------
thanks for reporting this [~ayushtkn]! can you please check on which guava does
hadoop 3.3.1 or 3.3.3 depend on? (we're on 3.3.1, planning to move to 3.3.3
soon I believe)
we usually try to follow hadoop's dependency versions (even if guava is shaded
there), so I'm just asking this for curiosity...
> Upgrade guava to 31.1 to fix CVE-2020-8908
> ------------------------------------------
>
> Key: TEZ-4429
> URL: https://issues.apache.org/jira/browse/TEZ-4429
> Project: Apache Tez
> Issue Type: Improvement
> Reporter: Ayush Saxena
> Assignee: Ayush Saxena
> Priority: Major
> Time Spent: 10m
> Remaining Estimate: 0h
>
--
This message was sent by Atlassian Jira
(v8.20.7#820007)
