[jira] [Commented] (HADOOP-15816) Upgrade Apache Zookeeper version due to security concerns
[ https://issues.apache.org/jira/browse/HADOOP-15816?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16963616#comment-16963616 ] Chao Sun commented on HADOOP-15816: --- Thanks! > Upgrade Apache Zookeeper version due to security concerns > - > > Key: HADOOP-15816 > URL: https://issues.apache.org/jira/browse/HADOOP-15816 > Project: Hadoop Common > Issue Type: Task >Affects Versions: 3.1.1, 3.0.3 >Reporter: Boris Vulikh >Assignee: Akira Ajisaka >Priority: Major > Fix For: 3.2.0, 3.0.4, 3.3.0, 3.1.2 > > Attachments: HADOOP-15816.01.patch > > > * > [CVE-2018-8012|https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-8012] > * > [CVE-2017-5637|https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5637] > We should upgrade the dependency to version 3.4.11 or the latest, if possible. -- This message was sent by Atlassian Jira (v8.3.4#803005) - To unsubscribe, e-mail: common-issues-unsubscr...@hadoop.apache.org For additional commands, e-mail: common-issues-h...@hadoop.apache.org
[jira] [Commented] (HADOOP-15816) Upgrade Apache Zookeeper version due to security concerns
[ https://issues.apache.org/jira/browse/HADOOP-15816?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16963557#comment-16963557 ] Akira Ajisaka commented on HADOOP-15816: [~csun] probably it is safe. We need to upgrade Apache Curator as well (HADOOP-15974). > Upgrade Apache Zookeeper version due to security concerns > - > > Key: HADOOP-15816 > URL: https://issues.apache.org/jira/browse/HADOOP-15816 > Project: Hadoop Common > Issue Type: Task >Affects Versions: 3.1.1, 3.0.3 >Reporter: Boris Vulikh >Assignee: Akira Ajisaka >Priority: Major > Fix For: 3.2.0, 3.0.4, 3.3.0, 3.1.2 > > Attachments: HADOOP-15816.01.patch > > > * > [CVE-2018-8012|https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-8012] > * > [CVE-2017-5637|https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5637] > We should upgrade the dependency to version 3.4.11 or the latest, if possible. -- This message was sent by Atlassian Jira (v8.3.4#803005) - To unsubscribe, e-mail: common-issues-unsubscr...@hadoop.apache.org For additional commands, e-mail: common-issues-h...@hadoop.apache.org
[jira] [Commented] (HADOOP-15816) Upgrade Apache Zookeeper version due to security concerns
[ https://issues.apache.org/jira/browse/HADOOP-15816?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16961421#comment-16961421 ] Chao Sun commented on HADOOP-15816: --- [~aajisaka] is this safe to backport to branch 2? Thanks. > Upgrade Apache Zookeeper version due to security concerns > - > > Key: HADOOP-15816 > URL: https://issues.apache.org/jira/browse/HADOOP-15816 > Project: Hadoop Common > Issue Type: Task >Affects Versions: 3.1.1, 3.0.3 >Reporter: Boris Vulikh >Assignee: Akira Ajisaka >Priority: Major > Fix For: 3.2.0, 3.0.4, 3.3.0, 3.1.2 > > Attachments: HADOOP-15816.01.patch > > > * > [CVE-2018-8012|https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-8012] > * > [CVE-2017-5637|https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5637] > We should upgrade the dependency to version 3.4.11 or the latest, if possible. -- This message was sent by Atlassian Jira (v8.3.4#803005) - To unsubscribe, e-mail: common-issues-unsubscr...@hadoop.apache.org For additional commands, e-mail: common-issues-h...@hadoop.apache.org
[jira] [Commented] (HADOOP-15816) Upgrade Apache Zookeeper version due to security concerns
[ https://issues.apache.org/jira/browse/HADOOP-15816?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16661045#comment-16661045 ] Jason Lowe commented on HADOOP-15816: - This change caused at least one unit test to break, see YARN-8937. > Upgrade Apache Zookeeper version due to security concerns > - > > Key: HADOOP-15816 > URL: https://issues.apache.org/jira/browse/HADOOP-15816 > Project: Hadoop Common > Issue Type: Task >Affects Versions: 3.1.1, 3.0.3 >Reporter: Boris Vulikh >Assignee: Akira Ajisaka >Priority: Major > Fix For: 3.2.0, 3.0.4, 3.3.0, 3.1.2 > > Attachments: HADOOP-15816.01.patch > > > * > [CVE-2018-8012|https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-8012] > * > [CVE-2017-5637|https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5637] > We should upgrade the dependency to version 3.4.11 or the latest, if possible. -- This message was sent by Atlassian JIRA (v7.6.3#76005) - To unsubscribe, e-mail: common-issues-unsubscr...@hadoop.apache.org For additional commands, e-mail: common-issues-h...@hadoop.apache.org
[jira] [Commented] (HADOOP-15816) Upgrade Apache Zookeeper version due to security concerns
[ https://issues.apache.org/jira/browse/HADOOP-15816?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16639566#comment-16639566 ] Akira Ajisaka commented on HADOOP-15816: Thanks [~tasanuma0829] and [~borisvu]! > Upgrade Apache Zookeeper version due to security concerns > - > > Key: HADOOP-15816 > URL: https://issues.apache.org/jira/browse/HADOOP-15816 > Project: Hadoop Common > Issue Type: Task >Affects Versions: 3.1.1, 3.0.3 >Reporter: Boris Vulikh >Assignee: Akira Ajisaka >Priority: Major > Fix For: 3.2.0, 3.0.4, 3.3.0, 3.1.2 > > Attachments: HADOOP-15816.01.patch > > > * > [CVE-2018-8012|https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-8012] > * > [CVE-2017-5637|https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5637] > We should upgrade the dependency to version 3.4.11 or the latest, if possible. -- This message was sent by Atlassian JIRA (v7.6.3#76005) - To unsubscribe, e-mail: common-issues-unsubscr...@hadoop.apache.org For additional commands, e-mail: common-issues-h...@hadoop.apache.org
[jira] [Commented] (HADOOP-15816) Upgrade Apache Zookeeper version due to security concerns
[ https://issues.apache.org/jira/browse/HADOOP-15816?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16639343#comment-16639343 ] Hudson commented on HADOOP-15816: - SUCCESS: Integrated in Jenkins build Hadoop-trunk-Commit #15123 (See [https://builds.apache.org/job/Hadoop-trunk-Commit/15123/]) HADOOP-15816. Upgrade Apache Zookeeper version due to security concerns. (tasanuma: rev 241cbec2dab3c3d49b48f42b86e8bd85cd1f08f3) * (edit) hadoop-project/pom.xml > Upgrade Apache Zookeeper version due to security concerns > - > > Key: HADOOP-15816 > URL: https://issues.apache.org/jira/browse/HADOOP-15816 > Project: Hadoop Common > Issue Type: Task >Affects Versions: 3.1.1, 3.0.3 >Reporter: Boris Vulikh >Assignee: Akira Ajisaka >Priority: Major > Fix For: 3.2.0, 3.0.4, 3.3.0, 3.1.2 > > Attachments: HADOOP-15816.01.patch > > > * > [CVE-2018-8012|https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-8012] > * > [CVE-2017-5637|https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5637] > We should upgrade the dependency to version 3.4.11 or the latest, if possible. -- This message was sent by Atlassian JIRA (v7.6.3#76005) - To unsubscribe, e-mail: common-issues-unsubscr...@hadoop.apache.org For additional commands, e-mail: common-issues-h...@hadoop.apache.org
[jira] [Commented] (HADOOP-15816) Upgrade Apache Zookeeper version due to security concerns
[ https://issues.apache.org/jira/browse/HADOOP-15816?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16639332#comment-16639332 ] Takanobu Asanuma commented on HADOOP-15816: --- Committed to branch-3.0, branch-3.1, branch-3.2 and trunk. Thanks for the contribution, [~ajisakaa]! Thanks for reporting this issue, [~borisvu]! > Upgrade Apache Zookeeper version due to security concerns > - > > Key: HADOOP-15816 > URL: https://issues.apache.org/jira/browse/HADOOP-15816 > Project: Hadoop Common > Issue Type: Task >Affects Versions: 3.1.1 >Reporter: Boris Vulikh >Assignee: Akira Ajisaka >Priority: Major > Attachments: HADOOP-15816.01.patch > > > * > [CVE-2018-8012|https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-8012] > * > [CVE-2017-5637|https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5637] > We should upgrade the dependency to version 3.4.11 or the latest, if possible. -- This message was sent by Atlassian JIRA (v7.6.3#76005) - To unsubscribe, e-mail: common-issues-unsubscr...@hadoop.apache.org For additional commands, e-mail: common-issues-h...@hadoop.apache.org
[jira] [Commented] (HADOOP-15816) Upgrade Apache Zookeeper version due to security concerns
[ https://issues.apache.org/jira/browse/HADOOP-15816?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16639278#comment-16639278 ] Takanobu Asanuma commented on HADOOP-15816: --- +1. Will commit it later. > Upgrade Apache Zookeeper version due to security concerns > - > > Key: HADOOP-15816 > URL: https://issues.apache.org/jira/browse/HADOOP-15816 > Project: Hadoop Common > Issue Type: Task >Affects Versions: 3.1.1 >Reporter: Boris Vulikh >Assignee: Akira Ajisaka >Priority: Major > Attachments: HADOOP-15816.01.patch > > > * > [CVE-2018-8012|https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-8012] > * > [CVE-2017-5637|https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5637] > We should upgrade the dependency to version 3.4.11 or the latest, if possible. -- This message was sent by Atlassian JIRA (v7.6.3#76005) - To unsubscribe, e-mail: common-issues-unsubscr...@hadoop.apache.org For additional commands, e-mail: common-issues-h...@hadoop.apache.org
[jira] [Commented] (HADOOP-15816) Upgrade Apache Zookeeper version due to security concerns
[
https://issues.apache.org/jira/browse/HADOOP-15816?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16637914#comment-16637914
]
Hadoop QA commented on HADOOP-15816:
| (x) *{color:red}-1 overall{color}* |
\\
\\
|| Vote || Subsystem || Runtime || Comment ||
| {color:blue}0{color} | {color:blue} reexec {color} | {color:blue} 0m
45s{color} | {color:blue} Docker mode activated. {color} |
|| || || || {color:brown} Prechecks {color} ||
| {color:green}+1{color} | {color:green} @author {color} | {color:green} 0m
0s{color} | {color:green} The patch does not contain any @author tags. {color} |
| {color:red}-1{color} | {color:red} test4tests {color} | {color:red} 0m
0s{color} | {color:red} The patch doesn't appear to include any new or modified
tests. Please justify why no new tests are needed for this patch. Also please
list what manual steps were performed to verify this patch. {color} |
|| || || || {color:brown} trunk Compile Tests {color} ||
| {color:green}+1{color} | {color:green} mvninstall {color} | {color:green} 19m
10s{color} | {color:green} trunk passed {color} |
| {color:green}+1{color} | {color:green} compile {color} | {color:green} 0m
14s{color} | {color:green} trunk passed {color} |
| {color:green}+1{color} | {color:green} mvnsite {color} | {color:green} 0m
17s{color} | {color:green} trunk passed {color} |
| {color:green}+1{color} | {color:green} shadedclient {color} | {color:green}
30m 52s{color} | {color:green} branch has no errors when building and testing
our client artifacts. {color} |
| {color:green}+1{color} | {color:green} javadoc {color} | {color:green} 0m
16s{color} | {color:green} trunk passed {color} |
|| || || || {color:brown} Patch Compile Tests {color} ||
| {color:green}+1{color} | {color:green} mvninstall {color} | {color:green} 0m
12s{color} | {color:green} the patch passed {color} |
| {color:green}+1{color} | {color:green} compile {color} | {color:green} 0m
11s{color} | {color:green} the patch passed {color} |
| {color:green}+1{color} | {color:green} javac {color} | {color:green} 0m
11s{color} | {color:green} the patch passed {color} |
| {color:green}+1{color} | {color:green} mvnsite {color} | {color:green} 0m
13s{color} | {color:green} the patch passed {color} |
| {color:green}+1{color} | {color:green} whitespace {color} | {color:green} 0m
0s{color} | {color:green} The patch has no whitespace issues. {color} |
| {color:green}+1{color} | {color:green} xml {color} | {color:green} 0m
1s{color} | {color:green} The patch has no ill-formed XML file. {color} |
| {color:green}+1{color} | {color:green} shadedclient {color} | {color:green}
12m 39s{color} | {color:green} patch has no errors when building and testing
our client artifacts. {color} |
| {color:green}+1{color} | {color:green} javadoc {color} | {color:green} 0m
13s{color} | {color:green} the patch passed {color} |
|| || || || {color:brown} Other Tests {color} ||
| {color:green}+1{color} | {color:green} unit {color} | {color:green} 0m
13s{color} | {color:green} hadoop-project in the patch passed. {color} |
| {color:green}+1{color} | {color:green} asflicense {color} | {color:green} 0m
27s{color} | {color:green} The patch does not generate ASF License warnings.
{color} |
| {color:black}{color} | {color:black} {color} | {color:black} 46m 59s{color} |
{color:black} {color} |
\\
\\
|| Subsystem || Report/Notes ||
| Docker | Client=17.05.0-ce Server=17.05.0-ce Image:yetus/hadoop:4b8c2b1 |
| JIRA Issue | HADOOP-15816 |
| JIRA Patch URL |
https://issues.apache.org/jira/secure/attachment/12942354/HADOOP-15816.01.patch
|
| Optional Tests | dupname asflicense compile javac javadoc mvninstall
mvnsite unit shadedclient xml |
| uname | Linux b1dd4bd16fbf 4.4.0-134-generic #160~14.04.1-Ubuntu SMP Fri Aug
17 11:07:07 UTC 2018 x86_64 x86_64 x86_64 GNU/Linux |
| Build tool | maven |
| Personality | /testptch/patchprocess/precommit/personality/provided.sh |
| git revision | trunk / 81f635f |
| maven | version: Apache Maven 3.3.9 |
| Default Java | 1.8.0_181 |
| Test Results |
https://builds.apache.org/job/PreCommit-HADOOP-Build/15288/testReport/ |
| Max. process+thread count | 341 (vs. ulimit of 1) |
| modules | C: hadoop-project U: hadoop-project |
| Console output |
https://builds.apache.org/job/PreCommit-HADOOP-Build/15288/console |
| Powered by | Apache Yetus 0.8.0 http://yetus.apache.org |
This message was automatically generated.
> Upgrade Apache Zookeeper version due to security concerns
> -
>
> Key: HADOOP-15816
> URL: https://issues.apache.org/jira/browse/HADOOP-15816
> Project: Hadoop Common
> Issue Type: Task
>Affects Versions: 3.1.1
>Reporter: Boris Vulikh
>Assignee: Akira Ajisaka
>Priority: Major
> Attachments: HADOOP-15816.01.patch
>
>
> *
>
