Uploaded image for project: 'Hadoop Common'
  1. Hadoop Common
  2. HADOOP-14100

Upgrade Jsch jar to latest version to fix vulnerability in old versions

    Details

    • Type: Bug
    • Status: Resolved
    • Priority: Critical
    • Resolution: Fixed
    • Affects Version/s: 2.7.3, 2.6.5
    • Fix Version/s: 2.9.0, 2.7.4, 3.0.0-alpha4, 2.8.2
    • Component/s: None
    • Labels:
      None
    • Target Version/s:
    • Hadoop Flags:
      Reviewed

      Description

      Recently there was on vulnerability reported on jsch library. Its fixed in latest 0.1.54 version before CVE was made public.
      https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5725

      So, need to upgrade jsch to latest 0.1.54 version.

        Attachments

        1. HADOOP-14100-branch-2.7.patch
          0.5 kB
          Brahma Reddy Battula
        2. HADOOP-14100-01.patch
          0.5 kB
          Vinayakumar B

          Issue Links

            Activity

              People

              • Assignee:
                vinayrpet Vinayakumar B
                Reporter:
                vinayrpet Vinayakumar B
              • Votes:
                0 Vote for this issue
                Watchers:
                9 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved: