hadoop-common-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Bharat Viswanadham (JIRA)" <j...@apache.org>
Subject [jira] [Comment Edited] (HADOOP-15815) Upgrade Eclipse Jetty version due to security concerns
Date Thu, 25 Oct 2018 17:53:00 GMT

    [ https://issues.apache.org/jira/browse/HADOOP-15815?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16664083#comment-16664083
] 

Bharat Viswanadham edited comment on HADOOP-15815 at 10/25/18 5:52 PM:
-----------------------------------------------------------------------

Hi Sunil,

Yes we need HADOOP-15882 to get this change committed.

There will be no impact to UI with this change. This Jira upgrades eclipse jetty due to above
mentioned CVE's, and other update shaded plugin version.


was (Author: bharatviswa):
Hi Sunil,

There will be no impact to UI with this change. This Jira upgrades eclipse jetty due to above
mentioned CVE's, and other update shaded plugin version.

> Upgrade Eclipse Jetty version due to security concerns
> ------------------------------------------------------
>
>                 Key: HADOOP-15815
>                 URL: https://issues.apache.org/jira/browse/HADOOP-15815
>             Project: Hadoop Common
>          Issue Type: Task
>    Affects Versions: 3.1.1, 3.0.3
>            Reporter: Boris Vulikh
>            Assignee: Boris Vulikh
>            Priority: Major
>         Attachments: HADOOP-15815.01-2.patch
>
>
> * [CVE-2017-7657|https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-7657]
>  * [CVE-2017-7658|https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-7658]
>  * [CVE-2017-7656|https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-7656]
>  * [CVE-2018-12536|https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-12536]
> We should upgrade the dependency to version 9.3.24 or the latest, if possible.



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

---------------------------------------------------------------------
To unsubscribe, e-mail: common-issues-unsubscribe@hadoop.apache.org
For additional commands, e-mail: common-issues-help@hadoop.apache.org


Mime
View raw message