[ https://issues.apache.org/jira/browse/HADOOP-18136?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Steve Loughran updated HADOOP-18136: ------------------------------------ Summary: Verify FileUtils.unTar() handling of missing .tar files: Fixes CVE-2022-25168 (was: Verify FileUtils.unTar() handling of missing .tar files) > Verify FileUtils.unTar() handling of missing .tar files: Fixes CVE-2022-25168 > ----------------------------------------------------------------------------- > > Key: HADOOP-18136 > URL: https://issues.apache.org/jira/browse/HADOOP-18136 > Project: Hadoop Common > Issue Type: Improvement > Components: test, util > Affects Versions: 3.1.4, 2.10.1, 3.3.1, 3.2.3 > Reporter: Steve Loughran > Assignee: Steve Loughran > Priority: Minor > Fix For: 2.10.2, 3.2.4, 3.3.3 > > > add a test to verify FileUtils.unTar() of a non .gz fails meaningfully if > file isn't present; fix if not. > test both the unix and windows paths. -- This message was sent by Atlassian Jira (v8.20.10#820010) --------------------------------------------------------------------- To unsubscribe, e-mail: common-issues-unsubscr...@hadoop.apache.org For additional commands, e-mail: common-issues-h...@hadoop.apache.org