[ https://issues.apache.org/jira/browse/HADOOP-18344?focusedWorklogId=796034&page=com.atlassian.jira.plugin.system.issuetabpanels:worklog-tabpanel#worklog-796034 ]
ASF GitHub Bot logged work on HADOOP-18344: ------------------------------------------- Author: ASF GitHub Bot Created on: 28/Jul/22 10:42 Start Date: 28/Jul/22 10:42 Worklog Time Spent: 10m Work Description: steveloughran commented on PR #4645: URL: https://github.com/apache/hadoop/pull/4645#issuecomment-1197975586 merged manually Issue Time Tracking ------------------- Worklog Id: (was: 796034) Time Spent: 4h 10m (was: 4h) > AWS SDK update to 1.12.262 to address jackson CVE-2018-7489 > ------------------------------------------------------------ > > Key: HADOOP-18344 > URL: https://issues.apache.org/jira/browse/HADOOP-18344 > Project: Hadoop Common > Issue Type: Sub-task > Components: fs/s3 > Affects Versions: 3.4.0, 3.3.4 > Reporter: Steve Loughran > Assignee: Steve Loughran > Priority: Major > Labels: pull-request-available > Time Spent: 4h 10m > Remaining Estimate: 0h > > yet another jackson CVE in aws sdk > https://github.com/apache/hadoop/pull/4491/commits/5496816b472473eb7a9c174b7d3e69b6eee1e271 > maybe we need to have a list of all shaded jackson's we get on the CP and > have a process of upgrading them all at the same time -- This message was sent by Atlassian Jira (v8.20.10#820010) --------------------------------------------------------------------- To unsubscribe, e-mail: common-issues-unsubscr...@hadoop.apache.org For additional commands, e-mail: common-issues-h...@hadoop.apache.org