[ https://issues.apache.org/jira/browse/HADOOP-15815?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16662946#comment-16662946 ]
Bharat Viswanadham edited comment on HADOOP-15815 at 10/24/18 10:48 PM: ------------------------------------------------------------------------ >From the Jira comments MSHADE-242 is happening in case of minifying the jar, this issue happens when relocating classes of jars with a module descriptor. This will also mean that it'll break the intended strong encapsulation. Java 9 will not provide a solution for that yet, so I guess we'll have to log a warning as well. It might impact Java 9, as this oms 6 supports Java 9. But I have not completely understood the issue or will it affect Java 8? Is this what you are asking [~busbey] Ping [~ajisakaa] and [~tasanuma0829] for help on this to know any impact it will create just by upgrading the maven shaded plugin version and ignore this warning. was (Author: bharatviswa): >From the Jira comments MSHADE-242 is happening in case of minifying the jar, this issue happens when relocating classes of jars with a module descriptor. This will also mean that it'll break the intended strong encapsulation. Java 9 will not provide a solution for that yet, so I guess we'll have to log a warning as well. It might impact Java 9, as this oms 6 supports java 9. But I have not completely understood the issue or will it affect Java 8? Is this what you are asking [~busbey] Tagging [~ajisakaa] for help on this to know any impact it will create just by upgrading the maven shaded plugin version and ignore this warning. > Upgrade Eclipse Jetty version due to security concerns > ------------------------------------------------------ > > Key: HADOOP-15815 > URL: https://issues.apache.org/jira/browse/HADOOP-15815 > Project: Hadoop Common > Issue Type: Task > Affects Versions: 3.1.1, 3.0.3 > Reporter: Boris Vulikh > Assignee: Boris Vulikh > Priority: Major > Attachments: HADOOP-15815.01-2.patch > > > * > [CVE-2017-7657|https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-7657] > * > [CVE-2017-7658|https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-7658] > * > [CVE-2017-7656|https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-7656] > * > [CVE-2018-12536|https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-12536] > We should upgrade the dependency to version 9.3.24 or the latest, if possible. -- This message was sent by Atlassian JIRA (v7.6.3#76005) --------------------------------------------------------------------- To unsubscribe, e-mail: common-issues-unsubscr...@hadoop.apache.org For additional commands, e-mail: common-issues-h...@hadoop.apache.org