[jira] [Work logged] (HADOOP-17649) Update wildfly openssl to 2.1.3.Final

Mon, 19 Apr 2021 05:35:07 -0700 


     [ 
https://issues.apache.org/jira/browse/HADOOP-17649?focusedWorklogId=585104&page=com.atlassian.jira.plugin.system.issuetabpanels:worklog-tabpanel#worklog-585104
 ]

ASF GitHub Bot logged work on HADOOP-17649:
-------------------------------------------

                Author: ASF GitHub Bot
            Created on: 19/Apr/21 12:34
            Start Date: 19/Apr/21 12:34
    Worklog Time Spent: 10m 
      Work Description: virajjasani commented on pull request #2932:
URL: https://github.com/apache/hadoop/pull/2932#issuecomment-822431445


   Before creating this PR, local build went well. Hence I raised PR and since 
we have updated License-binary file, we will have full QA build taking 17+ hr 
worth of time. Hopefully even if 1/5 build completes without timing out, we 
will know how overall QA looks like. In the meanwhile, let me see 
wildfly-openssl 2.x release notes.
   Thanks


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org


Issue Time Tracking
-------------------

    Worklog Id:     (was: 585104)
    Time Spent: 20m  (was: 10m)

> Update wildfly openssl to 2.1.3.Final
> -------------------------------------
>
>                 Key: HADOOP-17649
>                 URL: https://issues.apache.org/jira/browse/HADOOP-17649
>             Project: Hadoop Common
>          Issue Type: Task
>            Reporter: Wei-Chiu Chuang
>            Assignee: Viraj Jasani
>            Priority: Major
>              Labels: pull-request-available
>          Time Spent: 20m
>  Remaining Estimate: 0h
>
> https://nvd.nist.gov/vuln/detail/CVE-2020-25644
> A memory leak flaw was found in WildFly OpenSSL in versions prior to 
> 1.1.3.Final, where it removes an HTTP session. It may allow the attacker to 
> cause OOM leading to a denial of service. The highest threat from this 
> vulnerability is to system availability.



--
This message was sent by Atlassian Jira
(v8.3.4#803005)

---------------------------------------------------------------------
To unsubscribe, e-mail: common-issues-unsubscr...@hadoop.apache.org
For additional commands, e-mail: common-issues-h...@hadoop.apache.org

Reply via email to