Michael Smith has submitted this change and it was merged. ( http://gerrit.cloudera.org:8080/21858 )
Change subject: IMPALA-13406: Switch to curl 8.10.1 to resolve CVEs ...................................................................... IMPALA-13406: Switch to curl 8.10.1 to resolve CVEs This bumps the toolchain build and switches the version of Curl to 8.10.1. This resolves several medium and low severity CVEs that are present in Curl 7.78. See https://curl.se/docs/vuln-7.78.0.html This also changed the Curl build to stop including unnecessary features like TELNET/GOPHER/FTP/etc. That also reduces the surface area for CVEs. An error message changed slightly in the new Curl version, so this updates the test to match. Testing: - Ran an exhaustive job Change-Id: I844578187f1f3f791e4e02d7d686c3e444963806 Reviewed-on: http://gerrit.cloudera.org:8080/21858 Tested-by: Impala Public Jenkins <[email protected]> Reviewed-by: Michael Smith <[email protected]> --- M bin/impala-config.sh M fe/src/test/java/org/apache/impala/customcluster/JwtHttpTest.java 2 files changed, 5 insertions(+), 5 deletions(-) Approvals: Impala Public Jenkins: Verified Michael Smith: Looks good to me, approved -- To view, visit http://gerrit.cloudera.org:8080/21858 To unsubscribe, visit http://gerrit.cloudera.org:8080/settings Gerrit-Project: Impala-ASF Gerrit-Branch: master Gerrit-MessageType: merged Gerrit-Change-Id: I844578187f1f3f791e4e02d7d686c3e444963806 Gerrit-Change-Number: 21858 Gerrit-PatchSet: 4 Gerrit-Owner: Joe McDonnell <[email protected]> Gerrit-Reviewer: Impala Public Jenkins <[email protected]> Gerrit-Reviewer: Joe McDonnell <[email protected]> Gerrit-Reviewer: Laszlo Gaal <[email protected]> Gerrit-Reviewer: Michael Smith <[email protected]>
