[HIVE-28269] Please have regular releases of hive and its docker image - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Wish
Status: Open
Priority: Major
Resolution: Unresolved
Affects Version/s: None
Fix Version/s: None
Component/s: None
Labels:
None

Description

Hi, we as a company are users of Hive metastore and use the docker images. The latest docker image 4.0.0 has a lot of vulnerabilities. I see most of them are patched in the mainline code but a release has not been made available.

Can we/I help in anyway to have regular releases at the very least for the security patches? if not us then this is request to the hive maintainers to have regular releases.

Attachments

Issue Links

is caused by

HIVE-26484 Introduce gRPC Proto Definition

Closed

HIVE-23184 Upgrade druid to 0.17.1

Closed

HIVE-26594 Upgrade netty to 4.1.77 due to CVE-2022-24823

Closed

HIVE-26790 Upgrade to protobuf 3.21.7 / grpc 1.51.0; build on Apple M1

Closed

is fixed by

HIVE-27730 Bump org.xerial.snappy:snappy-java from 1.1.10.1 to 1.1.10.4

Closed

HIVE-28052 Iceberg: Major QB Compaction fails with ClassNotFoundException: org.springframework.core.ErrorCoded

Closed

HIVE-28073 Upgrade jackson version to 2.16.1

Closed

HIVE-28125 Bump org.apache.zookeeper:zookeeper from 3.8.3 to 3.8.4

Resolved

HIVE-28147 Upgrade commons-compress to 1.26.0

Resolved

HIVE-28257 Bump org.bouncycastle:bcprov-jdk18on from 1.77 to 1.78

Resolved

HIVE-26173 Upgrade derby to 10.14.2.0

Closed

HIVE-27757 Upgrade hadoop to 3.3.6

Closed

HIVE-27845 Upgrade protobuf to 3.24.4 to fix CVEs

Closed

HIVE-27877 Bump org.apache.avro:avro from 1.11.1 to 1.11.3

Closed

HIVE-27907 Upgrade aws-java-sdk version in HIVE

Closed

links to

Fixed by Upgrade to httpcomponents

(10 is fixed by, 1 links to)

Activity

People

Assignee:: Unassigned

Reporter:: Raviteja Lokineni

Votes:: 0 Vote for this issue

Watchers:: 2 Start watching this issue

Dates

Created:: 21/May/24 16:21

Updated:: 12/Jun/24 17:01