[
https://issues.apache.org/jira/browse/TEZ-4410?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17530488#comment-17530488
]
Sruthi Mooriyathvariam edited comment on TEZ-4410 at 5/1/22 6:04 AM:
---------------------------------------------------------------------
[~abstractdog] , Thanks for your comment.
I see that the Jira: TEZ-4363 is upgrading the protobuf version to 3.19.4 and I
guess the vulnerability
[CVE-2021-22569|https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22569]
would be handled with this change as the problem was with version 2.5.0.
Thus closing this ticket as its duplicate.
was (Author: warriersruthi):
[~abstractdog] , I see that the Jira: TEZ-4363 is upgrading the protobuf
version to 3.19.4 and I guess the vulnerability
[CVE-2021-22569|https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22569]
would be handled with this change as the problem was with version 2.5.0.
Thus closing this ticket as its duplicate.
> Upgrade protobuf-java version to 3.16.1 to resolve the security compliance
> issue CVE-2021-22569
> -----------------------------------------------------------------------------------------------
>
> Key: TEZ-4410
> URL: https://issues.apache.org/jira/browse/TEZ-4410
> Project: Apache Tez
> Issue Type: Task
> Reporter: Sruthi Mooriyathvariam
> Priority: Minor
>
> Link: [https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22569]
--
This message was sent by Atlassian Jira
(v8.20.7#820007)
