[OFBIZ-6756] Remove useless and vulnerable hadoop-hdfs-2.2.0.jar - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Sub-task
Status: Closed
Priority: Major
Resolution: Fixed
Affects Version/s: Trunk
Fix Version/s: 16.11.01
Component/s: solr
Labels:
None

Sprint:
Bug Crush Event - 21/2/2015

Description

The hadoop-hdfs-2.2.0.jar lib has been introduced with the solr component but the hadoop-hdfs-2.6.0.jar is also there and if hadoop-hdfs-2.2.0.jar is removed OFBiz compiles w/o issues. Without hadoop-hdfs-2.2.0.jar the tests pass.

Note: https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-3627

Attachments

Activity

People

Assignee:: Jacques Le Roux

Reporter:: Jacques Le Roux

Votes:: 0 Vote for this issue

Watchers:: 1 Start watching this issue

Dates

Created:: 05/Dec/15 21:12

Updated:: 05/Dec/15 22:28

Resolved:: 05/Dec/15 22:05