[jira] [Created] (TEZ-4560) Upgrade bouncycastle to 1.77 due to CVE.

2024-05-04 Thread Shilun Fan (Jira) 
Shilun Fan created TEZ-4560:
---

 Summary: Upgrade bouncycastle to 1.77 due to CVE.
 Key: TEZ-4560
 URL: https://issues.apache.org/jira/browse/TEZ-4560
 Project: Apache Tez
  Issue Type: Improvement
Reporter: Shilun Fan
Assignee: Shilun Fan


There are 2 CVE issues in bcprov-jdk15on, CVE-2023-33202 and CVE-2023-33201. We 
can find more information at the following link:

[https://mvnrepository.com/artifact/org.bouncycastle/bcprov-jdk15on/1.70]

 

[CVE-2023-33202|https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-33202]
[CVE-2023-33201|https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-33201]



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

Build failed in Jenkins: Tez-qbt-0.10-Build #185

2024-05-04 Thread Apache Jenkins Server 
See 


Changes:

[github] TEZ-4558. Update build setup maven version and enforcer minimum to 
correct minimum (#350)


--
[...truncated 32.42 KB...]







   yamllint plugin: full








javadoc verification: full




cd 
mvn --batch-mode 
-Dmaven.repo.local=
 clean javadoc:javadoc -DskipTests=true > 

 2>&1
Elapsed:   0m 43s
cd 
mvn --batch-mode 
-Dmaven.repo.local=
 clean javadoc:javadoc -DskipTests=true > 

 2>&1
Elapsed:   0m 41s

root-jdkUbuntu-11.0.22+7-post-Ubuntu-0ubuntu222.04.1 with JDK 
Ubuntu-11.0.22+7-post-Ubuntu-0ubuntu222.04.1 has 29 issues.





findbugs detection: master




cd 
mvn --batch-mode 
-Dmaven.repo.local=
 test-compile findbugs:findbugs -DskipTests=true > 

 2>&1
Elapsed:   3m 16s

Building findbugs database(s) using /usr for executables.

[warning] /usr/bin/unionBugs: Unable to locate ant in /usr/share/java
[warning] /usr/bin/setBugDatabaseInfo: Unable to locate ant in /usr/share/java
[warning] /usr/bin/convertXmlToText: Unable to locate ant in /usr/share/java
[warning] /usr/bin/filterBugs: Unable to locate ant in /usr/share/java

root in master has 3 extant findbugs warnings.





Running unit tests




cd 
mvn --batch-mode 
-Dmaven.repo.local=
 clean test -fae > 

 2>&1
Elapsed:  40m 31s
cd 
mvn --batch-mode 
-Dmaven.repo.local=
 clean test -fae > 

 2>&1
Elapsed:  40m  7s

root in the source failed with JDK Ubuntu-11.0.22+7-post-Ubuntu-0ubuntu222.04.1.





 Determining number of ASF License errors




cd 
mvn --batch-mode 
-Dmaven.repo.local=
 -fn apache-rat:check >