[jira] [Updated] (HADOOP-18443) Upgrade snakeyaml to 1.31 to mitigate CVE-2022-25857

[Ashutosh Gupta (Jira)]

 [ 
https://issues.apache.org/jira/browse/HADOOP-18443?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Ashutosh Gupta updated HADOOP-18443:

Description: Upgrade snakeyaml to 1.32 to mitigate CVE-2022-25857 and 
[CVE-2022-38752|https://github.com/advisories/GHSA-9w3m-gqgf-c4p9]  (was: 
Upgrade snakeyaml to 1.32 to mitigate CVE-2022-25857 and 
[CVE-2022-38752|https://github.com/advisories/GHSA-9w3m-gqgf-c4p9]

 

Details - [https://nvd.nist.gov/vuln/detail/CVE-2022-25857])

> Upgrade snakeyaml to 1.31 to mitigate CVE-2022-25857
> 
>
> Key: HADOOP-18443
> URL: https://issues.apache.org/jira/browse/HADOOP-18443
> Project: Hadoop Common
>  Issue Type: Bug
>  Components: security
>Affects Versions: 3.3.3, 3.3.4
>Reporter: Ashutosh Gupta
>Assignee: Ashutosh Gupta
>Priority: Major
>  Labels: pull-request-available
>
> Upgrade snakeyaml to 1.32 to mitigate CVE-2022-25857 and 
> [CVE-2022-38752|https://github.com/advisories/GHSA-9w3m-gqgf-c4p9]



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

-
To unsubscribe, e-mail: common-issues-unsubscr...@hadoop.apache.org
For additional commands, e-mail: common-issues-h...@hadoop.apache.org

[jira] [Updated] (HADOOP-18443) Upgrade snakeyaml to 1.31 to mitigate CVE-2022-25857 and and CVE-2022-38752

[Ashutosh Gupta (Jira)]

 [ 
https://issues.apache.org/jira/browse/HADOOP-18443?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Ashutosh Gupta updated HADOOP-18443:

Summary: Upgrade snakeyaml to 1.31 to mitigate CVE-2022-25857 and and 
CVE-2022-38752  (was: Upgrade snakeyaml to 1.31 to mitigate CVE-2022-25857)

> Upgrade snakeyaml to 1.31 to mitigate CVE-2022-25857 and and CVE-2022-38752
> ---
>
> Key: HADOOP-18443
> URL: https://issues.apache.org/jira/browse/HADOOP-18443
> Project: Hadoop Common
>  Issue Type: Bug
>  Components: security
>Affects Versions: 3.3.3, 3.3.4
>Reporter: Ashutosh Gupta
>Assignee: Ashutosh Gupta
>Priority: Major
>  Labels: pull-request-available
>
> Upgrade snakeyaml to 1.32 to mitigate CVE-2022-25857 and 
> [CVE-2022-38752|https://github.com/advisories/GHSA-9w3m-gqgf-c4p9]



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

-
To unsubscribe, e-mail: common-issues-unsubscr...@hadoop.apache.org
For additional commands, e-mail: common-issues-h...@hadoop.apache.org

[jira] [Updated] (HADOOP-18443) Upgrade snakeyaml to 1.31 to mitigate CVE-2022-25857

[Ashutosh Gupta (Jira)]

 [ 
https://issues.apache.org/jira/browse/HADOOP-18443?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Ashutosh Gupta updated HADOOP-18443:

Description: 
Upgrade snakeyaml to 1.32 to mitigate CVE-2022-25857 and 
[CVE-2022-38752|https://github.com/advisories/GHSA-9w3m-gqgf-c4p9]

 

Details - [https://nvd.nist.gov/vuln/detail/CVE-2022-25857]

  was:
Upgrade snakeyaml to 1.31 to mitigate CVE-2022-25857

 

Details - https://nvd.nist.gov/vuln/detail/CVE-2022-25857


> Upgrade snakeyaml to 1.31 to mitigate CVE-2022-25857
> 
>
> Key: HADOOP-18443
> URL: https://issues.apache.org/jira/browse/HADOOP-18443
> Project: Hadoop Common
>  Issue Type: Bug
>  Components: security
>Affects Versions: 3.3.3, 3.3.4
>Reporter: Ashutosh Gupta
>Assignee: Ashutosh Gupta
>Priority: Major
>  Labels: pull-request-available
>
> Upgrade snakeyaml to 1.32 to mitigate CVE-2022-25857 and 
> [CVE-2022-38752|https://github.com/advisories/GHSA-9w3m-gqgf-c4p9]
>  
> Details - [https://nvd.nist.gov/vuln/detail/CVE-2022-25857]



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

-
To unsubscribe, e-mail: common-issues-unsubscr...@hadoop.apache.org
For additional commands, e-mail: common-issues-h...@hadoop.apache.org

[jira] [Updated] (HADOOP-18443) Upgrade snakeyaml to 1.31 to mitigate CVE-2022-25857

[Brahma Reddy Battula (Jira)]

 [ 
https://issues.apache.org/jira/browse/HADOOP-18443?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Brahma Reddy Battula updated HADOOP-18443:
--
Status: Patch Available  (was: Open)

> Upgrade snakeyaml to 1.31 to mitigate CVE-2022-25857
> 
>
> Key: HADOOP-18443
> URL: https://issues.apache.org/jira/browse/HADOOP-18443
> Project: Hadoop Common
>  Issue Type: Bug
>  Components: security
>Affects Versions: 3.3.4, 3.3.3
>Reporter: groot
>Assignee: groot
>Priority: Major
>  Labels: pull-request-available
>
> Upgrade snakeyaml to 1.31 to mitigate CVE-2022-25857
>  
> Details - https://nvd.nist.gov/vuln/detail/CVE-2022-25857



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

-
To unsubscribe, e-mail: common-issues-unsubscr...@hadoop.apache.org
For additional commands, e-mail: common-issues-h...@hadoop.apache.org

[jira] [Updated] (HADOOP-18443) Upgrade snakeyaml to 1.31 to mitigate CVE-2022-25857

[ASF GitHub Bot (Jira)]

 [ 
https://issues.apache.org/jira/browse/HADOOP-18443?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

ASF GitHub Bot updated HADOOP-18443:

Labels: pull-request-available  (was: )

> Upgrade snakeyaml to 1.31 to mitigate CVE-2022-25857
> 
>
> Key: HADOOP-18443
> URL: https://issues.apache.org/jira/browse/HADOOP-18443
> Project: Hadoop Common
>  Issue Type: Bug
>  Components: security
>Affects Versions: 3.3.3, 3.3.4
>Reporter: groot
>Assignee: groot
>Priority: Major
>  Labels: pull-request-available
>
> Upgrade snakeyaml to 1.31 to mitigate CVE-2022-25857
>  
> Details - https://nvd.nist.gov/vuln/detail/CVE-2022-25857



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

-
To unsubscribe, e-mail: common-issues-unsubscr...@hadoop.apache.org
For additional commands, e-mail: common-issues-h...@hadoop.apache.org