[jira] [Commented] (HIVE-21173) Upgrade Apache Thrift to 0.9.3-1
[ https://issues.apache.org/jira/browse/HIVE-21173?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16891727#comment-16891727 ] Laszlo Bodor commented on HIVE-21173: - pushed to master, thanks [~dlavati]! > Upgrade Apache Thrift to 0.9.3-1 > > > Key: HIVE-21173 > URL: https://issues.apache.org/jira/browse/HIVE-21173 > Project: Hive > Issue Type: Bug > Components: Thrift API >Reporter: James E. King III >Assignee: David Lavati >Priority: Major > Labels: pull-request-available > Attachments: HIVE-21173.01.patch > > Time Spent: 40m > Remaining Estimate: 0h > > The project currently depends on libthrift-0.9.3, however thrift released > 0.12.0 on 2019-JAN-04. This release includes a security fix for THRIFT-4506 > (CVE-2018-1320). Updating thrift to the latest version will remove that > vulnerability. > Also note the Apache Thrift project does not publish "libfb303" any longer. > fb303 is contributed code (in '/contrib') and it has not been maintained. > > Ps.: 0.9.3.1 also addresses the CVE, see THRIFT-4506 -- This message was sent by Atlassian JIRA (v7.6.14#76016)
[jira] [Commented] (HIVE-21173) Upgrade Apache Thrift to 0.9.3-1
[ https://issues.apache.org/jira/browse/HIVE-21173?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16888038#comment-16888038 ] Laszlo Bodor commented on HIVE-21173: - assuming that 0.9.3-1 doesn't really affect already generated thrift files, +1 > Upgrade Apache Thrift to 0.9.3-1 > > > Key: HIVE-21173 > URL: https://issues.apache.org/jira/browse/HIVE-21173 > Project: Hive > Issue Type: Bug > Components: Thrift API >Reporter: James E. King III >Assignee: David Lavati >Priority: Major > Labels: pull-request-available > Attachments: HIVE-21173.01.patch > > Time Spent: 10m > Remaining Estimate: 0h > > The project currently depends on libthrift-0.9.3, however thrift released > 0.12.0 on 2019-JAN-04. This release includes a security fix for THRIFT-4506 > (CVE-2018-1320). Updating thrift to the latest version will remove that > vulnerability. > Also note the Apache Thrift project does not publish "libfb303" any longer. > fb303 is contributed code (in '/contrib') and it has not been maintained. > > Ps.: 0.9.3.1 also addresses the CVE, see THRIFT-4506 -- This message was sent by Atlassian JIRA (v7.6.14#76016)
[jira] [Commented] (HIVE-21173) Upgrade Apache Thrift to 0.9.3-1
[ https://issues.apache.org/jira/browse/HIVE-21173?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16888030#comment-16888030 ] David Lavati commented on HIVE-21173: - There weren't any generated changes, as this release only affected the related jar. > Upgrade Apache Thrift to 0.9.3-1 > > > Key: HIVE-21173 > URL: https://issues.apache.org/jira/browse/HIVE-21173 > Project: Hive > Issue Type: Bug > Components: Thrift API >Reporter: James E. King III >Assignee: David Lavati >Priority: Major > Labels: pull-request-available > Attachments: HIVE-21173.01.patch > > Time Spent: 10m > Remaining Estimate: 0h > > The project currently depends on libthrift-0.9.3, however thrift released > 0.12.0 on 2019-JAN-04. This release includes a security fix for THRIFT-4506 > (CVE-2018-1320). Updating thrift to the latest version will remove that > vulnerability. > Also note the Apache Thrift project does not publish "libfb303" any longer. > fb303 is contributed code (in '/contrib') and it has not been maintained. > > Ps.: 0.9.3.1 also addresses the CVE, see THRIFT-4506 -- This message was sent by Atlassian JIRA (v7.6.14#76016)
[jira] [Commented] (HIVE-21173) Upgrade Apache Thrift to 0.9.3-1
[
https://issues.apache.org/jira/browse/HIVE-21173?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16888025#comment-16888025
]
Hive QA commented on HIVE-21173:
Here are the results of testing the latest attachment:
https://issues.apache.org/jira/secure/attachment/12975153/HIVE-21173.01.patch
{color:red}ERROR:{color} -1 due to no test(s) being added or modified.
{color:green}SUCCESS:{color} +1 due to 16681 tests passed
Test results:
https://builds.apache.org/job/PreCommit-HIVE-Build/18084/testReport
Console output: https://builds.apache.org/job/PreCommit-HIVE-Build/18084/console
Test logs: http://104.198.109.242/logs/PreCommit-HIVE-Build-18084/
Messages:
{noformat}
Executing org.apache.hive.ptest.execution.TestCheckPhase
Executing org.apache.hive.ptest.execution.PrepPhase
Executing org.apache.hive.ptest.execution.YetusPhase
Executing org.apache.hive.ptest.execution.ExecutionPhase
Executing org.apache.hive.ptest.execution.ReportingPhase
{noformat}
This message is automatically generated.
ATTACHMENT ID: 12975153 - PreCommit-HIVE-Build
> Upgrade Apache Thrift to 0.9.3-1
>
>
> Key: HIVE-21173
> URL: https://issues.apache.org/jira/browse/HIVE-21173
> Project: Hive
> Issue Type: Bug
> Components: Thrift API
>Reporter: James E. King III
>Assignee: David Lavati
>Priority: Major
> Labels: pull-request-available
> Attachments: HIVE-21173.01.patch
>
> Time Spent: 10m
> Remaining Estimate: 0h
>
> The project currently depends on libthrift-0.9.3, however thrift released
> 0.12.0 on 2019-JAN-04.This release includes a security fix for
> THRIFT-4506 (CVE-2018-1320). Updating thrift to the latest version will
> remove that vulnerability.
> Also note the Apache Thrift project does not publish "libfb303" any longer.
> fb303 is contributed code (in '/contrib') and it has not been maintained.
--
This message was sent by Atlassian JIRA
(v7.6.14#76016)
[jira] [Commented] (HIVE-21173) Upgrade Apache Thrift to 0.9.3-1
[
https://issues.apache.org/jira/browse/HIVE-21173?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16887995#comment-16887995
]
Hive QA commented on HIVE-21173:
| (/) *{color:green}+1 overall{color}* |
\\
\\
|| Vote || Subsystem || Runtime || Comment ||
|| || || || {color:brown} Prechecks {color} ||
| {color:green}+1{color} | {color:green} @author {color} | {color:green} 0m
0s{color} | {color:green} The patch does not contain any @author tags. {color} |
|| || || || {color:brown} master Compile Tests {color} ||
| {color:green}+1{color} | {color:green} mvninstall {color} | {color:green} 8m
48s{color} | {color:green} master passed {color} |
| {color:green}+1{color} | {color:green} compile {color} | {color:green} 5m
55s{color} | {color:green} master passed {color} |
| {color:green}+1{color} | {color:green} javadoc {color} | {color:green} 6m
42s{color} | {color:green} master passed {color} |
|| || || || {color:brown} Patch Compile Tests {color} ||
| {color:green}+1{color} | {color:green} mvninstall {color} | {color:green} 6m
44s{color} | {color:green} the patch passed {color} |
| {color:green}+1{color} | {color:green} compile {color} | {color:green} 5m
51s{color} | {color:green} the patch passed {color} |
| {color:green}+1{color} | {color:green} javac {color} | {color:green} 5m
51s{color} | {color:green} the patch passed {color} |
| {color:green}+1{color} | {color:green} whitespace {color} | {color:green} 0m
0s{color} | {color:green} The patch has no whitespace issues. {color} |
| {color:green}+1{color} | {color:green} xml {color} | {color:green} 0m
1s{color} | {color:green} The patch has no ill-formed XML file. {color} |
| {color:green}+1{color} | {color:green} javadoc {color} | {color:green} 6m
45s{color} | {color:green} the patch passed {color} |
|| || || || {color:brown} Other Tests {color} ||
| {color:green}+1{color} | {color:green} asflicense {color} | {color:green} 0m
13s{color} | {color:green} The patch does not generate ASF License warnings.
{color} |
| {color:black}{color} | {color:black} {color} | {color:black} 41m 16s{color} |
{color:black} {color} |
\\
\\
|| Subsystem || Report/Notes ||
| Optional Tests | asflicense javac javadoc xml compile |
| uname | Linux hiveptest-server-upstream 3.16.0-4-amd64 #1 SMP Debian
3.16.43-2+deb8u5 (2017-09-19) x86_64 GNU/Linux |
| Build tool | maven |
| Personality |
/data/hiveptest/working/yetus_PreCommit-HIVE-Build-18084/dev-support/hive-personality.sh
|
| git revision | master / 374f361 |
| Default Java | 1.8.0_111 |
| modules | C: . U: . |
| Console output |
http://104.198.109.242/logs//PreCommit-HIVE-Build-18084/yetus.txt |
| Powered by | Apache Yetushttp://yetus.apache.org |
This message was automatically generated.
> Upgrade Apache Thrift to 0.9.3-1
>
>
> Key: HIVE-21173
> URL: https://issues.apache.org/jira/browse/HIVE-21173
> Project: Hive
> Issue Type: Bug
> Components: Thrift API
>Reporter: James E. King III
>Assignee: David Lavati
>Priority: Major
> Labels: pull-request-available
> Attachments: HIVE-21173.01.patch
>
> Time Spent: 10m
> Remaining Estimate: 0h
>
> The project currently depends on libthrift-0.9.3, however thrift released
> 0.12.0 on 2019-JAN-04.This release includes a security fix for
> THRIFT-4506 (CVE-2018-1320). Updating thrift to the latest version will
> remove that vulnerability.
> Also note the Apache Thrift project does not publish "libfb303" any longer.
> fb303 is contributed code (in '/contrib') and it has not been maintained.
--
This message was sent by Atlassian JIRA
(v7.6.14#76016)
