[PIG-4811] Upgrade groovy library to address MethodClosure vulnerability - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Bug
Status: Closed
Priority: Major
Resolution: Fixed
Affects Version/s: None
Fix Version/s: 0.16.0
Component/s: None
Labels:
None

Hadoop Flags:

Reviewed

Description

Please see https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3253
As Groovy versions 1.7.0 through 2.4.3 are affected by the above CVE, groovy library should be upgraded.

I'd like to upgrade to the latest version, which is 2.4.5.

Attachments

Attachments

- Sort By Name
- Sort By Date
- Ascending
- Descending

PIG-4811.patch
17/Feb/16 18:25
0.4 kB
Daniel Dai

Activity

People

Assignee:: Daniel Dai

Reporter:: Daniel Dai

Votes:: 0 Vote for this issue

Watchers:: 3 Start watching this issue

Dates

Created:: 17/Feb/16 18:25

Updated:: 08/Jun/16 20:48

Resolved:: 20/Feb/16 00:39