[jira] [Commented] (TEZ-4083) Upgrade to latest 9.4.x Jetty version

Jira Fri, 25 Oct 2019 04:06:17 -0700


    [ 
https://issues.apache.org/jira/browse/TEZ-4083?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16959652#comment-16959652
 ]


László Bodor commented on TEZ-4083:
-----------------------------------

yes, that's the problem...I think I'll leave this ticket open for later 
reference, and once upstream tez upgrades to a released hadoop 3.3.0, this can 
be resolved

> Upgrade to latest 9.4.x Jetty version
> -------------------------------------
>
>                 Key: TEZ-4083
>                 URL: https://issues.apache.org/jira/browse/TEZ-4083
>             Project: Apache Tez
>          Issue Type: Improvement
>            Reporter: Daniel Velasquez
>            Assignee: László Bodor
>            Priority: Major
>         Attachments: TEZ-4083.01.patch
>
>
> Jetty 9.3.24.v20180605 has security vulnerabilities where the server is 
> vulnerable to XSS conditions.
> [https://www.cvedetails.com/cve/CVE-2019-10241/]
>  



--
This message was sent by Atlassian Jira
(v8.3.4#803005)

[jira] [Commented] (TEZ-4083) Upgrade to latest 9.4.x Jetty version

Reply via email to