[jira] [Updated] (YARN-11606) Upgrade fst to 2.57

ASF GitHub Bot (Jira) Thu, 02 Nov 2023 10:11:04 -0700


     [ 
https://issues.apache.org/jira/browse/YARN-11606?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]


ASF GitHub Bot updated YARN-11606:
----------------------------------
    Labels: pull-request-available  (was: )

> Upgrade fst to 2.57
> -------------------
>
>                 Key: YARN-11606
>                 URL: https://issues.apache.org/jira/browse/YARN-11606
>             Project: Hadoop YARN
>          Issue Type: Bug
>            Reporter: D M Murali Krishna Reddy
>            Assignee: D M Murali Krishna Reddy
>            Priority: Major
>              Labels: pull-request-available
>
> de.ruedigermoeller:fst has a dependency of json-io:2.5.1 which is vulnerable 
> with CVE-2023-34610, Higher versions of fst do not have any dependency with 
> json-io.
> [https://nvd.nist.gov/vuln/detail/CVE-2023-34610] 



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]

[jira] [Updated] (YARN-11606) Upgrade fst to 2.57

Reply via email to