[jira] [Resolved] (HADOOP-18492) upgrade commons-text to 1.10.0

Xiaoqiao He (Jira) Mon, 17 Oct 2022 20:44:11 -0700


     [ 
https://issues.apache.org/jira/browse/HADOOP-18492?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]


Xiaoqiao He resolved HADOOP-18492.
----------------------------------
    Resolution: Duplicate

> upgrade commons-text to 1.10.0
> ------------------------------
>
>                 Key: HADOOP-18492
>                 URL: https://issues.apache.org/jira/browse/HADOOP-18492
>             Project: Hadoop Common
>          Issue Type: Improvement
>            Reporter: PJ Fanning
>            Assignee: PJ Fanning
>            Priority: Major
>              Labels: pull-request-available
>
> Extends HADOOP-18341
> [https://commons.apache.org/proper/commons-text/changes-report.html#a1.10.0]
> StringInterpolator prior to v1.10.0 allowed scripting that could be 
> problematic – a similar issue to one that led to CVE in 
> commons-configuration2. 



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

---------------------------------------------------------------------
To unsubscribe, e-mail: common-dev-unsubscr...@hadoop.apache.org
For additional commands, e-mail: common-dev-h...@hadoop.apache.org

[jira] [Resolved] (HADOOP-18492) upgrade commons-text to 1.10.0

Reply via email to