[
https://issues.apache.org/jira/browse/HADOOP-15815?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16663108#comment-16663108
]
Sunil Govindan commented on HADOOP-15815:
-----------------------------------------
Hi [~borisvu] [~bharatviswa] [~busbey]
3.2 release preps are on going and RC is almost ready. Could u pls help to
confirm the status of this issue. Is this a blocker for any release from hadoop
line? cud u pls help to confirm. If so, when can we land this and any impacts
if any?
> Upgrade Eclipse Jetty version due to security concerns
> ------------------------------------------------------
>
> Key: HADOOP-15815
> URL: https://issues.apache.org/jira/browse/HADOOP-15815
> Project: Hadoop Common
> Issue Type: Task
> Affects Versions: 3.1.1, 3.0.3
> Reporter: Boris Vulikh
> Assignee: Boris Vulikh
> Priority: Major
> Attachments: HADOOP-15815.01-2.patch
>
>
> *
> [CVE-2017-7657|https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-7657]
> *
> [CVE-2017-7658|https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-7658]
> *
> [CVE-2017-7656|https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-7656]
> *
> [CVE-2018-12536|https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-12536]
> We should upgrade the dependency to version 9.3.24 or the latest, if possible.
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
---------------------------------------------------------------------
To unsubscribe, e-mail: common-issues-unsubscr...@hadoop.apache.org
For additional commands, e-mail: common-issues-h...@hadoop.apache.org
