MisterRaindrop commented on issue #42: URL: https://github.com/apache/cloudberry-pxf/issues/42#issuecomment-3809595071
Regarding CVE, I have been researching for a while. PXF depends on Spring Boot. Currently, the Spring Boot 3.4.x series has no vulnerabilities. However, their minimum required JDK version is 17. Hadoop currently likely only supports up to JDK 11. PXF also depends on the JDK in Cloudberry. Currently, the kernel is JDK 8. If we need to change the JDK, we must upgrade from Cloudberry to the surrounding Java components in the Cloudberry ecosystem. This change would be very extensive. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected] --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
