[GitHub] [camel-quarkus] aldettinger commented on issue #3763: CVE-2022-26612: Apache Hadoop: Arbitrary file write in FileUtil#unpackEntries on Windows
aldettinger commented on issue #3763: URL: https://github.com/apache/camel-quarkus/issues/3763#issuecomment-1371069940 hbase has been deprecated in camel-quarkus commit https://github.com/apache/camel-quarkus/commit/bbbee804a215072c217912ffbf922a2438453c52 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: commits-unsubscr...@camel.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [camel-quarkus] aldettinger commented on issue #3763: CVE-2022-26612: Apache Hadoop: Arbitrary file write in FileUtil#unpackEntries on Windows
aldettinger commented on issue #3763: URL: https://github.com/apache/camel-quarkus/issues/3763#issuecomment-1326731347 Ok, let's deprecate both in Camel Quarkus then. We could come back if there is a strong community involvement to narrow down the maintenance burden in the future. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: commits-unsubscr...@camel.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [camel-quarkus] aldettinger commented on issue #3763: CVE-2022-26612: Apache Hadoop: Arbitrary file write in FileUtil#unpackEntries on Windows
aldettinger commented on issue #3763: URL: https://github.com/apache/camel-quarkus/issues/3763#issuecomment-1326190424 There was discussion in camel upstream to talk about deprecating spark, hbase and hdfs: + camel-spark (will be deprecated in camel, already removed in camel-quarkus) + camel-hbase (will be deprecated in camel, we could deprecate as well in camel-quarkus) Concerning camel-hdfs, the deprecation is reported in camel as there is community interest. Now come the question of the maintenance in camel-quarkus: + This CVE should be fixed + I think we would have a single hadoop version left as we remove hbase + However I don't know how bad alignement/convergence could still be At this stage, I would report the deprecation of camel-quarkus-hdfs and reconsider when we hit another big maintenance issue. @jamesnetherton @ppalaga What do you think ? -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: commits-unsubscr...@camel.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [camel-quarkus] aldettinger commented on issue #3763: CVE-2022-26612: Apache Hadoop: Arbitrary file write in FileUtil#unpackEntries on Windows
aldettinger commented on issue #3763: URL: https://github.com/apache/camel-quarkus/issues/3763#issuecomment-1176615371 I agree we should deprecate them. Plus the hadoop community is not responsive about security. Plus we are relying on old versions without possibility to upgrade (at least for hbase). -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: commits-unsubscr...@camel.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
