Uploaded image for project: 'Hadoop Common'
  1. Hadoop Common
  2. HADOOP-12767

update apache httpclient version to 4.5.2; httpcore to 4.4.4

    XMLWordPrintableJSON

Details

    • Bug
    • Status: Resolved
    • Major
    • Resolution: Fixed
    • 2.7.2
    • 2.8.0, 3.0.0-alpha1
    • build
    • None

    Description

      Various SSL security fixes are needed. See: CVE-2012-6153, CVE-2011-4461, CVE-2014-3577, CVE-2015-5262.

      Attachments

        1. HADOOP-12767.001.patch
          0.4 kB
          Wei-Chiu Chuang
        2. HADOOP-12767.002.patch
          2 kB
          Artem Aliev
        3. HADOOP-12767.003.patch
          6 kB
          Artem Aliev
        4. HADOOP-12767.004.patch
          4 kB
          Artem Aliev
        5. HADOOP-12767-branch-2.004.patch
          4 kB
          Artem Aliev
        6. HADOOP-12767-branch-2.005.patch
          4 kB
          Masatake Iwasaki
        7. HADOOP-12767-branch-2-005.patch
          4 kB
          Steve Loughran

        Issue Links

          breaks

          Bug - A problem which impairs or prevents the functions of the product. HADOOP-11859 PseudoAuthenticationHandler fails with httpcomponents v4.4

          • Major - Major loss of function.
          • Resolved

          Bug - A problem which impairs or prevents the functions of the product. HADOOP-13183 S3A proxy tests fail after httpclient/httpcore upgrade.

          • Major - Major loss of function.
          • Resolved
          incorporates

          Improvement - An improvement or enhancement to an existing feature or task. HADOOP-13044 Amazon S3 library 10.10.60+ (JDK8u60+) depends on http components 4.3

          • Major - Major loss of function.
          • Resolved
          is depended upon by

          Sub-task - The sub-task of the issue HADOOP-11614 Remove httpclient dependency from hadoop-openstack

          • Blocker - Blocks development and/or testing work, production could not run
          • Resolved

          Sub-task - The sub-task of the issue HADOOP-13050 Upgrade to AWS SDK 1.11.45

          • Blocker - Blocks development and/or testing work, production could not run
          • Resolved

          Bug - A problem which impairs or prevents the functions of the product. HADOOP-16055 Upgrade AWS SDK to 1.11.271 in branch-2

          • Blocker - Blocks development and/or testing work, production could not run
          • Resolved

          Improvement - An improvement or enhancement to an existing feature or task. HADOOP-9991 Fix up Hadoop POMs, roll up JARs to latest versions

          • Major - Major loss of function.
          • Open
          is related to

          Sub-task - The sub-task of the issue SOLR-9763 Remove the workaround implemented for HADOOP-12767

          • Minor - Minor loss of function, or other problem where easy workaround is present.
          • Closed

          Bug - A problem which impairs or prevents the functions of the product. HADOOP-16055 Upgrade AWS SDK to 1.11.271 in branch-2

          • Blocker - Blocks development and/or testing work, production could not run
          • Resolved

          Bug - A problem which impairs or prevents the functions of the product. HADOOP-13215 INTERNAL_SERVER_ERROR due to NPE from PseudoAuthenticationHandler

          • Major - Major loss of function.
          • Resolved
          relates to

          Bug - A problem which impairs or prevents the functions of the product. HIVE-14455 upgrade httpclient, httpcore to match updated hadoop dependency

          • Major - Major loss of function.
          • Closed

          Improvement - An improvement or enhancement to an existing feature or task. HADOOP-10105 remove httpclient dependency

          • Blocker - Blocks development and/or testing work, production could not run
          • Resolved

          Improvement - An improvement or enhancement to an existing feature or task. HADOOP-13044 Amazon S3 library 10.10.60+ (JDK8u60+) depends on http components 4.3

          • Major - Major loss of function.
          • Resolved
          links to

          Web Link HTTPCLIENT-1478 (https calls ignore http.socket.timeout during SSL Handshake)

          Activity

            People

              artem.aliev Artem Aliev
              artem.aliev Artem Aliev
              Votes:
              0 Vote for this issue
              Watchers:
              10 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: