PJ Fanning created HADOOP-13332:
---
Summary: Remove jackson 1.9.13 and switch all jackson code to 2.x
code line
Key: HADOOP-13332
URL: https://issues.apache.org/jira/browse/HADOOP-13332
Project: Hadoop
[
https://issues.apache.org/jira/browse/HADOOP-12705?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15355860#comment-15355860
]
PJ Fanning edited comment on HADOOP-12705 at 6/29/16 9:58 PM:
--
[@aajisaka]
[
https://issues.apache.org/jira/browse/HADOOP-12705?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15355860#comment-15355860
]
PJ Fanning commented on HADOOP-12705:
-
[@akira.ajisaka]
[
https://issues.apache.org/jira/browse/HADOOP-13332?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
PJ Fanning updated HADOOP-13332:
Description:
This jackson 1.9 code line is no longer maintained and has a number of issues,
[
https://issues.apache.org/jira/browse/HADOOP-12705?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15355804#comment-15355804
]
PJ Fanning commented on HADOOP-12705:
-
Can we upgrade to jackson v2.7.6 or v2.8.0 - these versions
[
https://issues.apache.org/jira/browse/HADOOP-12705?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15355860#comment-15355860
]
PJ Fanning edited comment on HADOOP-12705 at 6/29/16 10:00 PM:
---
[
https://issues.apache.org/jira/browse/HADOOP-12705?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15629174#comment-15629174
]
PJ Fanning commented on HADOOP-12705:
-
I think only 2.7.6 and 2.8.x have the XEE fix.
> Upgrade
PJ Fanning created HADOOP-15064:
---
Summary: hadoop-common 3.0.0-beta1 exposes a dependency on
slf4j-log4j12
Key: HADOOP-15064
URL: https://issues.apache.org/jira/browse/HADOOP-15064
Project: Hadoop
[
https://issues.apache.org/jira/browse/HADOOP-15064?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
PJ Fanning updated HADOOP-15064:
Description:
https://mvnrepository.com/artifact/org.apache.hadoop/hadoop-common/3.0.0-beta1
[
https://issues.apache.org/jira/browse/HADOOP-15064?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
PJ Fanning updated HADOOP-15064:
Summary: hadoop-common and hadoop-auth 3.0.0-beta1 expose a dependency on
slf4j-log4j12 (was:
[
https://issues.apache.org/jira/browse/HADOOP-15064?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
PJ Fanning updated HADOOP-15064:
Affects Version/s: 3.0.0-beta1
> hadoop-common 3.0.0-beta1 exposes a dependency on slf4j-log4j12
[
https://issues.apache.org/jira/browse/HADOOP-15064?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
PJ Fanning updated HADOOP-15064:
Environment: (was:
[
https://issues.apache.org/jira/browse/HADOOP-15064?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
PJ Fanning updated HADOOP-15064:
Description:
https://mvnrepository.com/artifact/org.apache.hadoop/hadoop-common/3.0.0-beta1
One
[
https://issues.apache.org/jira/browse/HADOOP-15054?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
PJ Fanning updated HADOOP-15054:
Summary: upgrade hadoop dependency on commons-codec to 1.11 (was: upgrade
hadoop-auth dependency
[
https://issues.apache.org/jira/browse/HADOOP-15054?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
PJ Fanning updated HADOOP-15054:
Description:
https://mvnrepository.com/artifact/org.apache.hadoop/hadoop-auth/3.0.0-beta1
PJ Fanning created HADOOP-15054:
---
Summary: upgrade hadoop-auth dependency on commons-codec to 1.11
Key: HADOOP-15054
URL: https://issues.apache.org/jira/browse/HADOOP-15054
Project: Hadoop Common
[
https://issues.apache.org/jira/browse/HADOOP-15804?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
PJ Fanning updated HADOOP-15804:
Description:
[https://github.com/apache/commons-compress/blob/master/RELEASE-NOTES.txt]
Some
PJ Fanning created HADOOP-15804:
---
Summary: upgrade to commons-compress 1.18
Key: HADOOP-15804
URL: https://issues.apache.org/jira/browse/HADOOP-15804
Project: Hadoop Common
Issue Type:
[
https://issues.apache.org/jira/browse/HADOOP-15804?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
PJ Fanning updated HADOOP-15804:
Description:
[https://github.com/apache/commons-compress/blob/master/RELEASE-NOTES.txt]
Some
[
https://issues.apache.org/jira/browse/HADOOP-18126?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
PJ Fanning updated HADOOP-18126:
Description:
{code:java}
Feb 11, 2022 11:31:43 AM
PJ Fanning created HADOOP-18126:
---
Summary: junit-vintage tests seem to be failing
Key: HADOOP-18126
URL: https://issues.apache.org/jira/browse/HADOOP-18126
Project: Hadoop Common
Issue Type:
[
https://issues.apache.org/jira/browse/HADOOP-15983?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17491706#comment-17491706
]
PJ Fanning commented on HADOOP-15983:
-
[~aajisaka] the repo with my changes is at
[
https://issues.apache.org/jira/browse/HADOOP-13386?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17491102#comment-17491102
]
PJ Fanning commented on HADOOP-13386:
-
Can this issue be reconsidered? Avro 1.7.7 brings a
[
https://issues.apache.org/jira/browse/HADOOP-15983?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17492159#comment-17492159
]
PJ Fanning commented on HADOOP-15983:
-
[~aajisaka] the javee jersey-jackson uses jackson1 in many
[
https://issues.apache.org/jira/browse/HADOOP-15983?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17491084#comment-17491084
]
PJ Fanning commented on HADOOP-15983:
-
I created
[
https://issues.apache.org/jira/browse/HADOOP-15983?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17491103#comment-17491103
]
PJ Fanning commented on HADOOP-15983:
-
HADOOP-13386 is also needed to get rid of jackson 1
>
PJ Fanning created HADOOP-18165:
---
Summary: hadoop-yarn-ui has a number of insecure dependencies
Key: HADOOP-18165
URL: https://issues.apache.org/jira/browse/HADOOP-18165
Project: Hadoop Common
PJ Fanning created HADOOP-18178:
---
Summary: upgrade jackson-databind to 2.13.2.1 due to cve
Key: HADOOP-18178
URL: https://issues.apache.org/jira/browse/HADOOP-18178
Project: Hadoop Common
[
https://issues.apache.org/jira/browse/HADOOP-18180?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17513433#comment-17513433
]
PJ Fanning commented on HADOOP-18180:
-
[~ste...@apache.org] thanks for checking this. I'm not
PJ Fanning created HADOOP-18180:
---
Summary: Remove use of scala jar twitter util-core
Key: HADOOP-18180
URL: https://issues.apache.org/jira/browse/HADOOP-18180
Project: Hadoop Common
Issue
[
https://issues.apache.org/jira/browse/HADOOP-18180?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17513380#comment-17513380
]
PJ Fanning commented on HADOOP-18180:
-
Added https://github.com/apache/hadoop/pull/4115
> Remove
[
https://issues.apache.org/jira/browse/HADOOP-18028?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17514996#comment-17514996
]
PJ Fanning edited comment on HADOOP-18028 at 3/31/22, 12:36 AM:
Would
[
https://issues.apache.org/jira/browse/HADOOP-18028?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17514996#comment-17514996
]
PJ Fanning commented on HADOOP-18028:
-
Would it be possible to consider switching the AWS v2 SDK
[
https://issues.apache.org/jira/browse/HADOOP-15983?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17490610#comment-17490610
]
PJ Fanning commented on HADOOP-15983:
-
I guess that this issue should be renamed to reflect that
[
https://issues.apache.org/jira/browse/HADOOP-15983?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17490883#comment-17490883
]
PJ Fanning commented on HADOOP-15983:
-
[~aajisaka] I had a look at jersey-json 1.19.4 and looks
PJ Fanning created HADOOP-18195:
---
Summary: make jackson v1 a runtime scope dependency
Key: HADOOP-18195
URL: https://issues.apache.org/jira/browse/HADOOP-18195
Project: Hadoop Common
Issue
[
https://issues.apache.org/jira/browse/HADOOP-18195?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
PJ Fanning updated HADOOP-18195:
Description:
In trunk, jackson v1 is only needed as a transitive dependency of jersey-json
[
https://issues.apache.org/jira/browse/HADOOP-18178?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
PJ Fanning updated HADOOP-18178:
Summary: upgrade jackson-databind to 2.13.2.2 due to cve (was: upgrade
jackson-databind to
[
https://issues.apache.org/jira/browse/HADOOP-18895?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
PJ Fanning updated HADOOP-18895:
Description: Includes some important bug fixes including
[
https://issues.apache.org/jira/browse/HADOOP-18895?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
PJ Fanning updated HADOOP-18895:
Summary: upgrade to commons-compress 1.24.0 due to CVE (was: upgrade to
commons-compress
PJ Fanning created HADOOP-18890:
---
Summary: remove okhttp usage
Key: HADOOP-18890
URL: https://issues.apache.org/jira/browse/HADOOP-18890
Project: Hadoop Common
Issue Type: Bug
[
https://issues.apache.org/jira/browse/HADOOP-18890?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17764306#comment-17764306
]
PJ Fanning commented on HADOOP-18890:
-
It seems to be used in a few places - notably
PJ Fanning created HADOOP-18894:
---
Summary: upgrade sshd-core due to CVEs
Key: HADOOP-18894
URL: https://issues.apache.org/jira/browse/HADOOP-18894
Project: Hadoop Common
Issue Type: Bug
[
https://issues.apache.org/jira/browse/HADOOP-18894?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
PJ Fanning updated HADOOP-18894:
Description:
https://mvnrepository.com/artifact/org.apache.sshd/sshd-core
hadoop currently uses
PJ Fanning created HADOOP-18895:
---
Summary: upgrade to commons-compress 1.24.0
Key: HADOOP-18895
URL: https://issues.apache.org/jira/browse/HADOOP-18895
Project: Hadoop Common
Issue Type:
[
https://issues.apache.org/jira/browse/HADOOP-18895?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
PJ Fanning updated HADOOP-18895:
Description: Includes some important bug fixes including
PJ Fanning created HADOOP-18933:
---
Summary: upgrade netty to 4.1.100 due to CVE
Key: HADOOP-18933
URL: https://issues.apache.org/jira/browse/HADOOP-18933
Project: Hadoop Common
Issue Type:
PJ Fanning created HADOOP-18957:
---
Summary: Use StandardCharsets.UTF_8 constant
Key: HADOOP-18957
URL: https://issues.apache.org/jira/browse/HADOOP-18957
Project: Hadoop Common
Issue Type:
[
https://issues.apache.org/jira/browse/HADOOP-18957?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
PJ Fanning updated HADOOP-18957:
Description:
* there are some places in the code that have to check for
PJ Fanning created HADOOP-18949:
---
Summary: upgrade maven dependency plugin due to security issue
Key: HADOOP-18949
URL: https://issues.apache.org/jira/browse/HADOOP-18949
Project: Hadoop Common
[
https://issues.apache.org/jira/browse/HADOOP-18936?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17781027#comment-17781027
]
PJ Fanning commented on HADOOP-18936:
-
[~coheigea] [~ayushtkn] I created
PJ Fanning created HADOOP-18912:
---
Summary: upgrade snappy-java to 1.1.10.4 due to CVE
Key: HADOOP-18912
URL: https://issues.apache.org/jira/browse/HADOOP-18912
Project: Hadoop Common
Issue
PJ Fanning created HADOOP-18916:
---
Summary: module-info classes from external dependencies appearing
in uber jars
Key: HADOOP-18916
URL: https://issues.apache.org/jira/browse/HADOOP-18916
Project:
[
https://issues.apache.org/jira/browse/HADOOP-17225?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17770690#comment-17770690
]
PJ Fanning commented on HADOOP-17225:
-
This can probably be closed because latest hadoop 3.3
[
https://issues.apache.org/jira/browse/HADOOP-18916?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
PJ Fanning updated HADOOP-18916:
Description:
hadoop-client-minicluster and hadoop-client-runtime try unsuccessfully to
exclude
PJ Fanning created HADOOP-18917:
---
Summary: upgrade to commons-io 2.14.0
Key: HADOOP-18917
URL: https://issues.apache.org/jira/browse/HADOOP-18917
Project: Hadoop Common
Issue Type: Improvement
PJ Fanning created HADOOP-18921:
---
Summary: upgrade avro in hadoop-thirdparty to 1.11.3
Key: HADOOP-18921
URL: https://issues.apache.org/jira/browse/HADOOP-18921
Project: Hadoop Common
Issue
PJ Fanning created HADOOP-18924:
---
Summary: upgrade grpc jars to v1.53.0 due to CVEs
Key: HADOOP-18924
URL: https://issues.apache.org/jira/browse/HADOOP-18924
Project: Hadoop Common
Issue Type:
[
https://issues.apache.org/jira/browse/HADOOP-18936?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
PJ Fanning updated HADOOP-18936:
Description:
2 CVE fixes in
PJ Fanning created HADOOP-18936:
---
Summary: upgrade jetty to 9.4.53 due to CVEs
Key: HADOOP-18936
URL: https://issues.apache.org/jira/browse/HADOOP-18936
Project: Hadoop Common
Issue Type:
[
https://issues.apache.org/jira/browse/HADOOP-18359?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=1299#comment-1299
]
PJ Fanning commented on HADOOP-18359:
-
[~coheigea] I have not been involved with this issue. I am
[
https://issues.apache.org/jira/browse/HADOOP-18929?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17773810#comment-17773810
]
PJ Fanning commented on HADOOP-18929:
-
It looks like commons-compress 1.24.0 is the 1st
[
https://issues.apache.org/jira/browse/HADOOP-18929?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17773818#comment-17773818
]
PJ Fanning commented on HADOOP-18929:
-
https://github.com/apache/hadoop/pull/6169
> Build failure
[
https://issues.apache.org/jira/browse/HADOOP-18332?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
PJ Fanning updated HADOOP-18332:
Description:
This jsr311-api jar seems to conflict with newly added rs-api jar dependency -
[
https://issues.apache.org/jira/browse/HADOOP-18033?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17565050#comment-17565050
]
PJ Fanning commented on HADOOP-18033:
-
So the Tez issue seems (possibly) to be caused by
[
https://issues.apache.org/jira/browse/HADOOP-18332?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
PJ Fanning updated HADOOP-18332:
Description:
This jsr311-api jar seems to conflict with newly added rs-api jar dependency -
[
https://issues.apache.org/jira/browse/HADOOP-18332?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
PJ Fanning updated HADOOP-18332:
Summary: remove rs-api dependency (needs jackson downgrade to 2.12.7)
(was: remove rs-api
[
https://issues.apache.org/jira/browse/HADOOP-18165?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
PJ Fanning updated HADOOP-18165:
Description:
Many of these are rates as critical or high risk vulnerabilities. This list is
the
PJ Fanning created HADOOP-18332:
---
Summary: remove jsr311-api dependency
Key: HADOOP-18332
URL: https://issues.apache.org/jira/browse/HADOOP-18332
Project: Hadoop Common
Issue Type: Improvement
[
https://issues.apache.org/jira/browse/HADOOP-18033?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17564966#comment-17564966
]
PJ Fanning commented on HADOOP-18033:
-
[~ayushtkn] would
[
https://issues.apache.org/jira/browse/HADOOP-18180?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17560627#comment-17560627
]
PJ Fanning commented on HADOOP-18180:
-
[~ahmarsu] Feel free to remove the ExecutorServicePool and
[
https://issues.apache.org/jira/browse/HADOOP-18033?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17565978#comment-17565978
]
PJ Fanning commented on HADOOP-18033:
-
[~ste...@apache.org] I've had to make a change to
PJ Fanning created HADOOP-18342:
---
Summary: Upgrade to Avro 1.11.0
Key: HADOOP-18342
URL: https://issues.apache.org/jira/browse/HADOOP-18342
Project: Hadoop Common
Issue Type: Improvement
[
https://issues.apache.org/jira/browse/HADOOP-18342?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
PJ Fanning updated HADOOP-18342:
Description: Latest version of Avro. Aimed only at trunk as there is no
security concern
PJ Fanning created HADOOP-18343:
---
Summary: upgrade to jetty 9.4.47 due to CVE
Key: HADOOP-18343
URL: https://issues.apache.org/jira/browse/HADOOP-18343
Project: Hadoop Common
Issue Type:
[
https://issues.apache.org/jira/browse/HADOOP-18341?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
PJ Fanning updated HADOOP-18341:
Description:
Current version 2.1.1 has no CVEs but all higher versions have CVEs except for
the
[
https://issues.apache.org/jira/browse/HADOOP-18342?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17567945#comment-17567945
]
PJ Fanning commented on HADOOP-18342:
-
[~ste...@apache.org] this is not a high priority. I found a
PJ Fanning created HADOOP-18341:
---
Summary: upgrade to commons-configuration2 2.8.0
Key: HADOOP-18341
URL: https://issues.apache.org/jira/browse/HADOOP-18341
Project: Hadoop Common
Issue Type:
[
https://issues.apache.org/jira/browse/HADOOP-18343?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17567933#comment-17567933
]
PJ Fanning commented on HADOOP-18343:
-
Apologies [~groot], I missed that issue - thanks for closing
[
https://issues.apache.org/jira/browse/HADOOP-18333?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17567946#comment-17567946
]
PJ Fanning commented on HADOOP-18333:
-
[~ste...@apache.org] Is this a change that could be
[
https://issues.apache.org/jira/browse/HADOOP-18343?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
PJ Fanning updated HADOOP-18343:
Description:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2047
Use 9.4.48 (latest
PJ Fanning created HADOOP-18354:
---
Summary: upgrade reload4j due to XXE vulnerability
Key: HADOOP-18354
URL: https://issues.apache.org/jira/browse/HADOOP-18354
Project: Hadoop Common
Issue
[
https://issues.apache.org/jira/browse/HADOOP-18342?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
PJ Fanning updated HADOOP-18342:
Summary: Upgrade to Avro 1.11.1 (was: Upgrade to Avro 1.11.0)
> Upgrade to Avro 1.11.1
>
[
https://issues.apache.org/jira/browse/HADOOP-18342?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17599131#comment-17599131
]
PJ Fanning commented on HADOOP-18342:
-
[~ste...@apache.org] does
PJ Fanning created HADOOP-18441:
---
Summary: remove
org.apache.hadoop.maven.plugin.shade.resource.ServicesResourceTransformer
Key: HADOOP-18441
URL: https://issues.apache.org/jira/browse/HADOOP-18441
[
https://issues.apache.org/jira/browse/HADOOP-18342?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
PJ Fanning updated HADOOP-18342:
Labels: (was: pull-request-available)
> Upgrade to Avro 1.11.1
> --
>
>
[
https://issues.apache.org/jira/browse/HADOOP-18469?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
PJ Fanning updated HADOOP-18469:
Summary: Add XMLUtils methods to centralise code that creates secure XML
parsers (was: Add an
[
https://issues.apache.org/jira/browse/HADOOP-18469?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
PJ Fanning updated HADOOP-18469:
Summary: Add an XMLUtils method to centralise code that creates secure XML
parsers (was: Add an
PJ Fanning created HADOOP-18469:
---
Summary: Add an XMLUtils class to centralise code that creates
secure XML parsers
Key: HADOOP-18469
URL: https://issues.apache.org/jira/browse/HADOOP-18469
Project:
[
https://issues.apache.org/jira/browse/HADOOP-18497?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17619609#comment-17619609
]
PJ Fanning commented on HADOOP-18497:
-
This CVE is starting to get a lot of press and social media
[
https://issues.apache.org/jira/browse/HADOOP-15983?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17620662#comment-17620662
]
PJ Fanning commented on HADOOP-15983:
-
[~ste...@apache.org] I can look at doing a PR for the 3.3
[
https://issues.apache.org/jira/browse/HADOOP-18512?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17625587#comment-17625587
]
PJ Fanning commented on HADOOP-18512:
-
Not likely to be something that can be exploited but to keep
[
https://issues.apache.org/jira/browse/HADOOP-18443?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17606797#comment-17606797
]
PJ Fanning edited comment on HADOOP-18443 at 9/19/22 11:43 PM:
---
[~groot]
[
https://issues.apache.org/jira/browse/HADOOP-18443?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17606797#comment-17606797
]
PJ Fanning commented on HADOOP-18443:
-
[~groot] it looks like snakeyaml now limits the size of the
[
https://issues.apache.org/jira/browse/HADOOP-18443?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17606797#comment-17606797
]
PJ Fanning edited comment on HADOOP-18443 at 9/20/22 12:17 AM:
---
[~groot]
[
https://issues.apache.org/jira/browse/HADOOP-18443?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17606265#comment-17606265
]
PJ Fanning commented on HADOOP-18443:
-
v1.32 was released and added another security fix - would it
PJ Fanning created HADOOP-18468:
---
Summary: upgrade jettison json jar due to security issue
Key: HADOOP-18468
URL: https://issues.apache.org/jira/browse/HADOOP-18468
Project: Hadoop Common
[
https://issues.apache.org/jira/browse/HADOOP-18468?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
PJ Fanning updated HADOOP-18468:
Description:
A fix for [https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-40149]
PJ Fanning created HADOOP-18472:
---
Summary: Upgrade to snakeyaml 1.33
Key: HADOOP-18472
URL: https://issues.apache.org/jira/browse/HADOOP-18472
Project: Hadoop Common
Issue Type: Improvement
PJ Fanning created HADOOP-18492:
---
Summary: upgrade commons-text to 1.10.0
Key: HADOOP-18492
URL: https://issues.apache.org/jira/browse/HADOOP-18492
Project: Hadoop Common
Issue Type:
1 - 100 of 167 matches
Mail list logo