Uploaded image for project: 'Hadoop Common'
  1. Hadoop Common
  2. HADOOP-14100

Upgrade Jsch jar to latest version to fix vulnerability in old versions

Log workAgile BoardRank to TopRank to BottomAttach filesAttach ScreenshotBulk Copy AttachmentsBulk Move AttachmentsVotersWatch issueWatchersCreate sub-taskConvert to sub-taskMoveLinkCloneLabelsUpdate Comment AuthorReplace String in CommentUpdate Comment VisibilityDelete Comments
    XMLWordPrintableJSON

Details

    • Bug
    • Status: Resolved
    • Critical
    • Resolution: Fixed
    • 2.7.3, 2.6.5
    • 2.9.0, 2.7.4, 3.0.0-alpha4, 2.8.2
    • None
    • None
    • Reviewed

    Description

      Recently there was on vulnerability reported on jsch library. Its fixed in latest 0.1.54 version before CVE was made public.
      https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5725

      So, need to upgrade jsch to latest 0.1.54 version.

      Attachments

        Issue Links

        Activity

          This comment will be Viewable by All Users Viewable by All Users
          Cancel

          People

            vinayakumarb Vinayakumar B Assign to me
            vinayakumarb Vinayakumar B
            Votes:
            0 Vote for this issue
            Watchers:
            9 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved:

              Slack

                Issue deployment