Abhishek Chennaka has submitted this change and it was merged. ( http://gerrit.cloudera.org:8080/22168 )
Change subject: [thirdparty] KUDU-3626: Upgrade Apache Thrift to version 0.21.0 ...................................................................... [thirdparty] KUDU-3626: Upgrade Apache Thrift to version 0.21.0 To address CVEs like CVE-2018-1320, CVE-2019-0210 and CVE-2019-0205 in the current Apache Thrift version 0.11.0 we are upgrading to version 0.21.0. We initally considered using version 0.16.0 as Hive uses it. But due to the reported issues[1][2] and no significant changes between 0.16.0 and 0.21.0 which can potentially break Kudu we think we can upgrade to 0.21.0 directly hence being more future proof. Thanks to Alexey Serbin for valuable inputs for this patch. [1]https://issues.apache.org/jira/browse/THRIFT-5599 [2]https://issues.apache.org/jira/browse/THRIFT-5696 Change-Id: I44c85f5d6679895865346118759d8da379cec3d5 Reviewed-on: http://gerrit.cloudera.org:8080/22159 Tested-by: Alexey Serbin <[email protected]> Reviewed-by: Alexey Serbin <[email protected]> (cherry picked from commit f2a6be7a44e3c395c240f982ce7b2a193410cb9b) Reviewed-on: http://gerrit.cloudera.org:8080/22168 Reviewed-by: Abhishek Chennaka <[email protected]> --- M cmake_modules/FindThrift.cmake M src/kudu/thrift/sasl_client_transport.cc M src/kudu/thrift/sasl_client_transport.h M thirdparty/build-definitions.sh M thirdparty/vars.sh 5 files changed, 13 insertions(+), 9 deletions(-) Approvals: Alexey Serbin: Verified Abhishek Chennaka: Looks good to me, approved -- To view, visit http://gerrit.cloudera.org:8080/22168 To unsubscribe, visit http://gerrit.cloudera.org:8080/settings Gerrit-Project: kudu Gerrit-Branch: branch-1.18.x Gerrit-MessageType: merged Gerrit-Change-Id: I44c85f5d6679895865346118759d8da379cec3d5 Gerrit-Change-Number: 22168 Gerrit-PatchSet: 2 Gerrit-Owner: Alexey Serbin <[email protected]> Gerrit-Reviewer: Abhishek Chennaka <[email protected]> Gerrit-Reviewer: Alexey Serbin <[email protected]> Gerrit-Reviewer: Kudu Jenkins (120) Gerrit-Reviewer: Marton Greber <[email protected]>
