-
Type:
Improvement
-
Status: Closed
-
Priority:
Blocker
-
Resolution: Fixed
-
Affects Version/s: 1.10.0
-
Component/s: Connectors / Hive
-
Labels:
hive-metastore depends on derby 10.10/10.4, which are vulnerable to CVE-2015-1832.
We should bump the version to at least 10.12.1.1 .
Assuming that derby is only required for the server and not the client we could potentially even exclude it.
Bowen Li Can you help with this?
- links to