Uploaded image for project: 'Hadoop Common'
  1. Hadoop Common
  2. HADOOP-16676

Backport HADOOP-16152 to branch-3.2

VotersWatch issueWatchersCreate sub-taskLinkCloneUpdate Comment AuthorReplace String in CommentUpdate Comment VisibilityDelete Comments
    XMLWordPrintableJSON

    Details

    • Type: Bug
    • Status: Resolved
    • Priority: Major
    • Resolution: Fixed
    • Affects Version/s: 3.2.1
    • Fix Version/s: 3.2.2
    • Component/s: common
    • Labels:
      None
    • Target Version/s:

      Description

      Hello,

       

      org.apache.hadoop:hadoop-common define the dependency to jetty-webapp and jetty-xml in version v9.3.24 with known CVE-2017-9735. Please can you upgrade to version 9.4.7 or higher?

      +--- org.apache.hadoop:hadoop-client:3.2.1

      +--- org.apache.hadoop:hadoop-common:3.2.1
      +--- org.eclipse.jetty:jetty-webapp:9.3.24.v20180605
          +--- org.eclipse.jetty:jetty-xml:9.3.24.v20180605
          --- org.eclipse.jetty:jetty-servlet:9.3.24.v20180605

        Attachments

        1. HADOOP-16676.branch-3.2.001.patch
          15 kB
          Siyao Meng
        2. HADOOP-16676.branch-3.2.001.patch
          24 kB
          Siyao Meng
        3. HADOOP-16676.branch-3.2.002.patch
          14 kB
          Siyao Meng

        Issue Links

          Activity

            People

            • Assignee:
              smeng Siyao Meng
              Reporter:
              dawinter DW

              Dates

              • Created:
                Updated:
                Resolved:

                Issue deployment