[
https://issues.apache.org/jira/browse/HADOOP-18492?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17616477#comment-17616477
]
PJ Fanning commented on HADOOP-18492:
-
[~groot] I already have
[
https://issues.apache.org/jira/browse/HADOOP-18492?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
PJ Fanning updated HADOOP-18492:
Description:
Extends HADOOP-18341
[
https://issues.apache.org/jira/browse/HADOOP-18492?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
PJ Fanning updated HADOOP-18492:
Description:
Extends HADOOP-18341
PJ Fanning created HADOOP-18493:
---
Summary: uptake jackson-databind 2.12.7.1 due to CVE fixes
Key: HADOOP-18493
URL: https://issues.apache.org/jira/browse/HADOOP-18493
Project: Hadoop Common
PJ Fanning created HADOOP-18496:
---
Summary: upgrade kotlin-stdlib due to CVEs
Key: HADOOP-18496
URL: https://issues.apache.org/jira/browse/HADOOP-18496
Project: Hadoop Common
Issue Type:
PJ Fanning created HADOOP-18484:
---
Summary: upgrade hsqldb to v2.7.1 due to CVE
Key: HADOOP-18484
URL: https://issues.apache.org/jira/browse/HADOOP-18484
Project: Hadoop Common
Issue Type:
[
https://issues.apache.org/jira/browse/HADOOP-18496?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17617623#comment-17617623
]
PJ Fanning commented on HADOOP-18496:
-
[~ste...@apache.org] looks like the kotlin dependencies were
[
https://issues.apache.org/jira/browse/HADOOP-18575?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17651383#comment-17651383
]
PJ Fanning commented on HADOOP-18575:
-
[~ste...@apache.org] in terms of performance concerns, would
[
https://issues.apache.org/jira/browse/HADOOP-18575?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17651325#comment-17651325
]
PJ Fanning commented on HADOOP-18575:
-
I guess that could be done. I might have time tonight to do
[
https://issues.apache.org/jira/browse/HADOOP-18342?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17652406#comment-17652406
]
PJ Fanning commented on HADOOP-18342:
-
The hadoop-thirdparty jar has not been released to Maven
[
https://issues.apache.org/jira/browse/HADOOP-18587?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
PJ Fanning updated HADOOP-18587:
Description:
[https://github.com/advisories/GHSA-x27m-9w8j-5vcw]
PJ Fanning created HADOOP-18587:
---
Summary: upgrade to jettison 1.5.2 due to security issue
Key: HADOOP-18587
URL: https://issues.apache.org/jira/browse/HADOOP-18587
Project: Hadoop Common
PJ Fanning created HADOOP-18575:
---
Summary: make transformer factory creation more lenient
Key: HADOOP-18575
URL: https://issues.apache.org/jira/browse/HADOOP-18575
Project: Hadoop Common
Issue
[
https://issues.apache.org/jira/browse/HADOOP-18469?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17647565#comment-17647565
]
PJ Fanning commented on HADOOP-18469:
-
In Apache POI, they use a best effort approach with setting
[
https://issues.apache.org/jira/browse/HADOOP-18469?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17647590#comment-17647590
]
PJ Fanning commented on HADOOP-18469:
-
I raised [https://github.com/apache/hadoop/pull/5224] - I
[
https://issues.apache.org/jira/browse/HADOOP-18575?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17647667#comment-17647667
]
PJ Fanning commented on HADOOP-18575:
-
https://github.com/apache/hadoop/pull/5224
> make
[
https://issues.apache.org/jira/browse/HADOOP-17563?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17643063#comment-17643063
]
PJ Fanning commented on HADOOP-17563:
-
This class is in bcprov-jdk15on-1.60.jar and
[
https://issues.apache.org/jira/browse/HADOOP-18587?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17677381#comment-17677381
]
PJ Fanning commented on HADOOP-18587:
-
Would be nice to get it into 3.3.5 rc but if you are in the
PJ Fanning created HADOOP-18658:
---
Summary: snakeyaml dependency: upgrade to v2.0
Key: HADOOP-18658
URL: https://issues.apache.org/jira/browse/HADOOP-18658
Project: Hadoop Common
Issue Type:
[
https://issues.apache.org/jira/browse/HADOOP-18719?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
PJ Fanning resolved HADOOP-18719.
-
Resolution: Duplicate
> upgrade snakeyaml to 2.0 (fixes CVE-2022-1471)
>
PJ Fanning created HADOOP-18719:
---
Summary: upgrade snakeyaml to 2.0 (fixes CVE-2022-1471)
Key: HADOOP-18719
URL: https://issues.apache.org/jira/browse/HADOOP-18719
Project: Hadoop Common
Issue
PJ Fanning created HADOOP-18711:
---
Summary: upgrade nimbus jwt jar due to issues in its embedded
shaded json-smart code
Key: HADOOP-18711
URL: https://issues.apache.org/jira/browse/HADOOP-18711
Project:
PJ Fanning created HADOOP-18712:
---
Summary: upgrade to jetty 9.4.51 due to cve
Key: HADOOP-18712
URL: https://issues.apache.org/jira/browse/HADOOP-18712
Project: Hadoop Common
Issue Type: Task
[
https://issues.apache.org/jira/browse/HADOOP-18693?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
PJ Fanning updated HADOOP-18693:
Description:
[https://github.com/advisories/GHSA-wr69-g62g-2r9h]
PJ Fanning created HADOOP-18693:
---
Summary: upgrade Apache Derby due to CVEs
Key: HADOOP-18693
URL: https://issues.apache.org/jira/browse/HADOOP-18693
Project: Hadoop Common
Issue Type: Task
[
https://issues.apache.org/jira/browse/HADOOP-18693?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
PJ Fanning updated HADOOP-18693:
Description:
[https://github.com/advisories/GHSA-wr69-g62g-2r9h]
PJ Fanning created HADOOP-18619:
---
Summary: replace jsr311-api dependency with rs-api
Key: HADOOP-18619
URL: https://issues.apache.org/jira/browse/HADOOP-18619
Project: Hadoop Common
Issue
[
https://issues.apache.org/jira/browse/HADOOP-18619?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17685255#comment-17685255
]
PJ Fanning commented on HADOOP-18619:
-
When 3.3.5 is released, jersey-json dependency will be
[
https://issues.apache.org/jira/browse/HADOOP-18619?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17687023#comment-17687023
]
PJ Fanning commented on HADOOP-18619:
-
I haven't tried playing with jersey-core too much yet. I
[
https://issues.apache.org/jira/browse/HADOOP-18619?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17687023#comment-17687023
]
PJ Fanning edited comment on HADOOP-18619 at 2/10/23 10:51 AM:
---
I haven't
[
https://issues.apache.org/jira/browse/HADOOP-18619?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17687104#comment-17687104
]
PJ Fanning commented on HADOOP-18619:
-
I had a quick look and getting jersey-core to work with
[
https://issues.apache.org/jira/browse/HADOOP-18619?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17687104#comment-17687104
]
PJ Fanning edited comment on HADOOP-18619 at 2/10/23 2:54 PM:
--
I had a
[
https://issues.apache.org/jira/browse/HADOOP-18619?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17687104#comment-17687104
]
PJ Fanning edited comment on HADOOP-18619 at 2/10/23 5:40 PM:
--
I had a
[
https://issues.apache.org/jira/browse/HADOOP-18033?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17731654#comment-17731654
]
PJ Fanning commented on HADOOP-18033:
-
We're stuck on Jackson 2.12 because of jersey v1. Jackson
[
https://issues.apache.org/jira/browse/HADOOP-18033?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17731654#comment-17731654
]
PJ Fanning edited comment on HADOOP-18033 at 6/12/23 3:14 PM:
--
We're stuck
PJ Fanning created HADOOP-18783:
---
Summary: upgrade netty to 4.1.94 due to CVE
Key: HADOOP-18783
URL: https://issues.apache.org/jira/browse/HADOOP-18783
Project: Hadoop Common
Issue Type: Task
PJ Fanning created HADOOP-18782:
---
Summary: upgrade to snappy-java 1.1.10.1 due to CVEs
Key: HADOOP-18782
URL: https://issues.apache.org/jira/browse/HADOOP-18782
Project: Hadoop Common
Issue
[
https://issues.apache.org/jira/browse/HADOOP-15984?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17817480#comment-17817480
]
PJ Fanning commented on HADOOP-15984:
-
the jersey dependencies should only be exposed on the small
[
https://issues.apache.org/jira/browse/HADOOP-15984?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17817492#comment-17817492
]
PJ Fanning commented on HADOOP-15984:
-
I don't understand why, for instance, hadoop-common exposes
[
https://issues.apache.org/jira/browse/HADOOP-15984?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17817496#comment-17817496
]
PJ Fanning commented on HADOOP-15984:
-
It does look like we have some client side Jersey code too.
PJ Fanning created HADOOP-19076:
---
Summary: move jersey code in hadoop-common jar to a new
hadoop-jersey1-common jar
Key: HADOOP-19076
URL: https://issues.apache.org/jira/browse/HADOOP-19076
Project:
PJ Fanning created HADOOP-19077:
---
Summary: remove use of javax.ws.rs.core.HttpHeaders
Key: HADOOP-19077
URL: https://issues.apache.org/jira/browse/HADOOP-19077
Project: Hadoop Common
Issue
[
https://issues.apache.org/jira/browse/HADOOP-19076?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17817696#comment-17817696
]
PJ Fanning commented on HADOOP-19076:
-
Thanks [~slfan1989] for the background on Jersey 3. What do
[
https://issues.apache.org/jira/browse/HADOOP-19076?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
PJ Fanning updated HADOOP-19076:
Description:
Hadoop's Jersey dependencies are causing us real trouble.
I'm wondering if it
[
https://issues.apache.org/jira/browse/HADOOP-19076?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17817730#comment-17817730
]
PJ Fanning commented on HADOOP-19076:
-
Thanks [~ste...@apache.org], the idea would be to have 1 jar
PJ Fanning created HADOOP-19078:
---
Summary: reduce use of javax.ws.rs.core.MediaType
Key: HADOOP-19078
URL: https://issues.apache.org/jira/browse/HADOOP-19078
Project: Hadoop Common
Issue Type:
[
https://issues.apache.org/jira/browse/HADOOP-15984?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17816897#comment-17816897
]
PJ Fanning commented on HADOOP-15984:
-
Jersey 1 uses jsr311 jar and Jersey2 uses rs-api jar. These
[
https://issues.apache.org/jira/browse/HADOOP-19081?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
PJ Fanning updated HADOOP-19081:
Description:
We could call it hadoop-ssh-common. This code is only used in 1 or 2 other
places
PJ Fanning created HADOOP-19081:
---
Summary: move ssh/sftp code out of hadoop-common into a dedicated
jar
Key: HADOOP-19081
URL: https://issues.apache.org/jira/browse/HADOOP-19081
Project: Hadoop Common
[
https://issues.apache.org/jira/browse/HADOOP-19079?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
PJ Fanning updated HADOOP-19079:
Description:
It can be dangerous taking class names as inputs from HTTP messages even if we
PJ Fanning created HADOOP-19079:
---
Summary: check that class that is loaded is really an exception
Key: HADOOP-19079
URL: https://issues.apache.org/jira/browse/HADOOP-19079
Project: Hadoop Common
PJ Fanning created HADOOP-19024:
---
Summary: change to bouncy castle jdk1.8 jars
Key: HADOOP-19024
URL: https://issues.apache.org/jira/browse/HADOOP-19024
Project: Hadoop Common
Issue Type: Task
PJ Fanning created HADOOP-19041:
---
Summary: further use of StandardCharsets
Key: HADOOP-19041
URL: https://issues.apache.org/jira/browse/HADOOP-19041
Project: Hadoop Common
Issue Type: Task
[
https://issues.apache.org/jira/browse/HADOOP-18895?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17807140#comment-17807140
]
PJ Fanning commented on HADOOP-18895:
-
[~slfan1989] this was not reverted - it is still fixed in
PJ Fanning created HADOOP-19014:
---
Summary: use jsr311-compat jar to allow us to use Jackson 2.14.3
Key: HADOOP-19014
URL: https://issues.apache.org/jira/browse/HADOOP-19014
Project: Hadoop Common
PJ Fanning created HADOOP-19154:
---
Summary: upgrade bouncy castle to 1.78.1 due to CVEs
Key: HADOOP-19154
URL: https://issues.apache.org/jira/browse/HADOOP-19154
Project: Hadoop Common
Issue
PJ Fanning created HADOOP-19114:
---
Summary: upgrade to commons-compress 1.26.1 due to cves
Key: HADOOP-19114
URL: https://issues.apache.org/jira/browse/HADOOP-19114
Project: Hadoop Common
Issue
PJ Fanning created HADOOP-19116:
---
Summary: update to zookeeper client 3.8.4 due to CVE
Key: HADOOP-19116
URL: https://issues.apache.org/jira/browse/HADOOP-19116
Project: Hadoop Common
Issue
PJ Fanning created HADOOP-19115:
---
Summary: upgrade to nimbus-jose-jwt 9.37.2 due to CVE
Key: HADOOP-19115
URL: https://issues.apache.org/jira/browse/HADOOP-19115
Project: Hadoop Common
Issue
[
https://issues.apache.org/jira/browse/HADOOP-19116?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17830731#comment-17830731
]
PJ Fanning commented on HADOOP-19116:
-
[~ste...@apache.org] I created
PJ Fanning created HADOOP-19134:
---
Summary: use StringBuilder instead of StringBuffer
Key: HADOOP-19134
URL: https://issues.apache.org/jira/browse/HADOOP-19134
Project: Hadoop Common
Issue
PJ Fanning created HADOOP-19123:
---
Summary: update commons-configuration2 to 2.10.1 due to CVE
Key: HADOOP-19123
URL: https://issues.apache.org/jira/browse/HADOOP-19123
Project: Hadoop Common
PJ Fanning created HADOOP-19088:
---
Summary: upgrade to jersey-json 1.22.0
Key: HADOOP-19088
URL: https://issues.apache.org/jira/browse/HADOOP-19088
Project: Hadoop Common
Issue Type: Bug
PJ Fanning created HADOOP-19090:
---
Summary: Update Protocol Buffers installation to 3.23.4
Key: HADOOP-19090
URL: https://issues.apache.org/jira/browse/HADOOP-19090
Project: Hadoop Common
Issue
[
https://issues.apache.org/jira/browse/HADOOP-18197?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17821186#comment-17821186
]
PJ Fanning commented on HADOOP-18197:
-
I have https://github.com/apache/hadoop-thirdparty/pull/34
[
https://issues.apache.org/jira/browse/HADOOP-19090?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17822242#comment-17822242
]
PJ Fanning commented on HADOOP-19090:
-
I think we'll need a new release to avoid that bytebuffer
[
https://issues.apache.org/jira/browse/HADOOP-18197?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17820707#comment-17820707
]
PJ Fanning commented on HADOOP-18197:
-
The fix only seems to be in protobuf-java 3.23 and above -
101 - 167 of 167 matches
Mail list logo