[PARQUET-2338] CVE-2022-25168 in hadoop-common - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Bug
Status: Open
Priority: Major
Resolution: Unresolved
Affects Version/s: 1.13.1
Fix Version/s: None
Component/s: parquet-hadoop
Labels:
None

Description

CVE-2022-25168 requires updating hadoop-common to 3.2.4 or 3.3.3.

Although `FileUtils.untar` isnt used inparquet-hadoop, will appreciate if we can release a new parquet-hadoop soon with these newer version. Otherwise parquet-hadoop will be flagged as security concern too.

Attachments

Activity

People

Assignee:: Unassigned

Reporter:: jincongho

Votes:: 0 Vote for this issue

Watchers:: 3 Start watching this issue

Dates

Created:: 17/Aug/23 21:41

Updated:: 23/Jun/24 03:33