Syed Shameerur Rahman created HIVE-25942: --------------------------------------------
Summary: Upgrade commons-io to 2.8.0 due to CVE-2021-29425 Key: HIVE-25942 URL: https://issues.apache.org/jira/browse/HIVE-25942 Project: Hive Issue Type: Bug Reporter: Syed Shameerur Rahman Assignee: Syed Shameerur Rahman Fix For: 4.0.0 Due to [CVE-2021-29425|https://nvd.nist.gov/vuln/detail/CVE-2021-29425] all the commons-io versions below 2.7 are affected. Tez and Hadoop have upgraded commons-io to 2.8.0 in [TEZ-4353|https://issues.apache.org/jira/browse/TEZ-4353] and [HADOOP-17683|https://issues.apache.org/jira/browse/HADOOP-17683] respectively and it will be good if Hive also follows the same. -- This message was sent by Atlassian Jira (v8.20.1#820001)