from:"PJ Fanning \(Jira\)"

[jira] [Commented] (HADOOP-19315) Bump avro from 1.9.2 to 1.11.4

2024-10-22 Thread PJ Fanning (Jira)

[ https://issues.apache.org/jira/browse/HADOOP-19315?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17891922#comment-17891922 ] PJ Fanning commented on HADOOP-19315: - There is an idea to use a shaded avro jar bu

[jira] [Comment Edited] (HADOOP-19302) Update rat version in the docker build.sh script

2024-10-04 Thread PJ Fanning (Jira)

[ https://issues.apache.org/jira/browse/HADOOP-19302?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17886996#comment-17886996 ] PJ Fanning edited comment on HADOOP-19302 at 10/4/24 6:09 PM: ---

[jira] [Commented] (HADOOP-19302) Update rat version in the docker build.sh script

2024-10-04 Thread PJ Fanning (Jira)

[ https://issues.apache.org/jira/browse/HADOOP-19302?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17886996#comment-17886996 ] PJ Fanning commented on HADOOP-19302: - Please use https://archive.apache.org/dist/c

[jira] [Created] (HADOOP-19289) upgrade to protobuf-java 3.25.5 due to CVE-2024-7254

2024-09-25 Thread PJ Fanning (Jira)

PJ Fanning created HADOOP-19289: --- Summary: upgrade to protobuf-java 3.25.5 due to CVE-2024-7254 Key: HADOOP-19289 URL: https://issues.apache.org/jira/browse/HADOOP-19289 Project: Hadoop Common

[jira] [Created] (HADOOP-19259) upgrade to jackson 2.18.0

2024-09-01 Thread PJ Fanning (Jira)

PJ Fanning created HADOOP-19259: --- Summary: upgrade to jackson 2.18.0 Key: HADOOP-19259 URL: https://issues.apache.org/jira/browse/HADOOP-19259 Project: Hadoop Common Issue Type: Task

[jira] [Updated] (HADOOP-19237) upgrade dnsjava to 3.6.0 due to CVEs

2024-07-25 Thread PJ Fanning (Jira)

[ https://issues.apache.org/jira/browse/HADOOP-19237?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] PJ Fanning updated HADOOP-19237: Description: See https://github.com/apache/hadoop/pull/6955 - but this is missing the necessary

[jira] [Created] (HADOOP-19237) upgrade dnsjava to 3.6.0 due to CVEs

2024-07-25 Thread PJ Fanning (Jira)

PJ Fanning created HADOOP-19237: --- Summary: upgrade dnsjava to 3.6.0 due to CVEs Key: HADOOP-19237 URL: https://issues.apache.org/jira/browse/HADOOP-19237 Project: Hadoop Common Issue Type: Task

[jira] [Created] (HADOOP-19231) add JacksonUtil to centralise some code

2024-07-21 Thread PJ Fanning (Jira)

PJ Fanning created HADOOP-19231: --- Summary: add JacksonUtil to centralise some code Key: HADOOP-19231 URL: https://issues.apache.org/jira/browse/HADOOP-19231 Project: Hadoop Common Issue Type: T

[jira] [Updated] (HADOOP-19230) upgrade to jackson 2.14.3

2024-07-20 Thread PJ Fanning (Jira)

[ https://issues.apache.org/jira/browse/HADOOP-19230?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] PJ Fanning updated HADOOP-19230: Description: Follow up to HADOOP-18332 I have what I believe fixes the Jackson JAX-RS incompatib

[jira] [Commented] (HADOOP-19230) upgrade to jackson 2.14.3

2024-07-19 Thread PJ Fanning (Jira)

[ https://issues.apache.org/jira/browse/HADOOP-19230?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17867444#comment-17867444 ] PJ Fanning commented on HADOOP-19230: - https://github.com/apache/hadoop/pull/6761

[jira] [Created] (HADOOP-19230) upgrade to jackson 2.14.3

2024-07-19 Thread PJ Fanning (Jira)

PJ Fanning created HADOOP-19230: --- Summary: upgrade to jackson 2.14.3 Key: HADOOP-19230 URL: https://issues.apache.org/jira/browse/HADOOP-19230 Project: Hadoop Common Issue Type: Task

[jira] [Commented] (HADOOP-13463) update to Guice 4.1

2024-07-01 Thread PJ Fanning (Jira)

[ https://issues.apache.org/jira/browse/HADOOP-13463?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17861145#comment-17861145 ] PJ Fanning commented on HADOOP-13463: - [~slfan1989] this should probably be closed

[jira] [Commented] (HADOOP-19216) Upgrade Guice from 4.0 to 5.1.0 to support Java 17

2024-07-01 Thread PJ Fanning (Jira)

[ https://issues.apache.org/jira/browse/HADOOP-19216?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17861144#comment-17861144 ] PJ Fanning commented on HADOOP-19216: - For documentation reasons, could you provide

[jira] [Created] (HADOOP-19154) upgrade bouncy castle to 1.78.1 due to CVEs

2024-04-19 Thread PJ Fanning (Jira)

PJ Fanning created HADOOP-19154: --- Summary: upgrade bouncy castle to 1.78.1 due to CVEs Key: HADOOP-19154 URL: https://issues.apache.org/jira/browse/HADOOP-19154 Project: Hadoop Common Issue Typ

[jira] [Created] (HADOOP-19134) use StringBuilder instead of StringBuffer

2024-03-30 Thread PJ Fanning (Jira)

PJ Fanning created HADOOP-19134: --- Summary: use StringBuilder instead of StringBuffer Key: HADOOP-19134 URL: https://issues.apache.org/jira/browse/HADOOP-19134 Project: Hadoop Common Issue Type:

[jira] [Commented] (HADOOP-19116) update to zookeeper client 3.8.4 due to CVE-2024-23944

2024-03-25 Thread PJ Fanning (Jira)

[ https://issues.apache.org/jira/browse/HADOOP-19116?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17830731#comment-17830731 ] PJ Fanning commented on HADOOP-19116: - [~ste...@apache.org] I created https://githu

[jira] [Created] (HADOOP-19123) update commons-configuration2 to 2.10.1 due to CVE

2024-03-23 Thread PJ Fanning (Jira)

PJ Fanning created HADOOP-19123: --- Summary: update commons-configuration2 to 2.10.1 due to CVE Key: HADOOP-19123 URL: https://issues.apache.org/jira/browse/HADOOP-19123 Project: Hadoop Common Is

[jira] [Created] (HADOOP-19116) update to zookeeper client 3.8.4 due to CVE

2024-03-18 Thread PJ Fanning (Jira)

PJ Fanning created HADOOP-19116: --- Summary: update to zookeeper client 3.8.4 due to CVE Key: HADOOP-19116 URL: https://issues.apache.org/jira/browse/HADOOP-19116 Project: Hadoop Common Issue Typ

[jira] [Created] (HADOOP-19115) upgrade to nimbus-jose-jwt 9.37.2 due to CVE

2024-03-18 Thread PJ Fanning (Jira)

PJ Fanning created HADOOP-19115: --- Summary: upgrade to nimbus-jose-jwt 9.37.2 due to CVE Key: HADOOP-19115 URL: https://issues.apache.org/jira/browse/HADOOP-19115 Project: Hadoop Common Issue Ty

[jira] [Created] (HADOOP-19114) upgrade to commons-compress 1.26.1 due to cves

2024-03-18 Thread PJ Fanning (Jira)

PJ Fanning created HADOOP-19114: --- Summary: upgrade to commons-compress 1.26.1 due to cves Key: HADOOP-19114 URL: https://issues.apache.org/jira/browse/HADOOP-19114 Project: Hadoop Common Issue

[jira] [Commented] (HADOOP-19090) Update Protocol Buffers installation to 3.23.4

2024-02-29 Thread PJ Fanning (Jira)

[ https://issues.apache.org/jira/browse/HADOOP-19090?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17822242#comment-17822242 ] PJ Fanning commented on HADOOP-19090: - I think we'll need a new release to avoid th

[jira] [Commented] (HADOOP-18197) Update protobuf 3.7.1 to a version without CVE-2021-22569

2024-02-27 Thread PJ Fanning (Jira)

[ https://issues.apache.org/jira/browse/HADOOP-18197?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17821186#comment-17821186 ] PJ Fanning commented on HADOOP-18197: - I have https://github.com/apache/hadoop-thir

[jira] [Created] (HADOOP-19090) Update Protocol Buffers installation to 3.23.4

2024-02-26 Thread PJ Fanning (Jira)

PJ Fanning created HADOOP-19090: --- Summary: Update Protocol Buffers installation to 3.23.4 Key: HADOOP-19090 URL: https://issues.apache.org/jira/browse/HADOOP-19090 Project: Hadoop Common Issue

[jira] [Commented] (HADOOP-18197) Update protobuf 3.7.1 to a version without CVE-2021-22569

2024-02-26 Thread PJ Fanning (Jira)

[ https://issues.apache.org/jira/browse/HADOOP-18197?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17820707#comment-17820707 ] PJ Fanning commented on HADOOP-18197: - The fix only seems to be in protobuf-java 3.

[jira] [Created] (HADOOP-19088) upgrade to jersey-json 1.22.0

2024-02-24 Thread PJ Fanning (Jira)

PJ Fanning created HADOOP-19088: --- Summary: upgrade to jersey-json 1.22.0 Key: HADOOP-19088 URL: https://issues.apache.org/jira/browse/HADOOP-19088 Project: Hadoop Common Issue Type: Bug

[jira] [Updated] (HADOOP-19081) move ssh/sftp code out of hadoop-common into a dedicated jar

2024-02-16 Thread PJ Fanning (Jira)

[ https://issues.apache.org/jira/browse/HADOOP-19081?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] PJ Fanning updated HADOOP-19081: Description: We could call it hadoop-ssh-common. This code is only used in 1 or 2 other places a

[jira] [Created] (HADOOP-19081) move ssh/sftp code out of hadoop-common into a dedicated jar

2024-02-16 Thread PJ Fanning (Jira)

PJ Fanning created HADOOP-19081: --- Summary: move ssh/sftp code out of hadoop-common into a dedicated jar Key: HADOOP-19081 URL: https://issues.apache.org/jira/browse/HADOOP-19081 Project: Hadoop Common

[jira] [Updated] (HADOOP-19079) check that class that is loaded is really an exception

2024-02-15 Thread PJ Fanning (Jira)

[ https://issues.apache.org/jira/browse/HADOOP-19079?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] PJ Fanning updated HADOOP-19079: Description: It can be dangerous taking class names as inputs from HTTP messages even if we cont

[jira] [Created] (HADOOP-19079) check that class that is loaded is really an exception

2024-02-15 Thread PJ Fanning (Jira)

PJ Fanning created HADOOP-19079: --- Summary: check that class that is loaded is really an exception Key: HADOOP-19079 URL: https://issues.apache.org/jira/browse/HADOOP-19079 Project: Hadoop Common

[jira] [Created] (HADOOP-19078) reduce use of javax.ws.rs.core.MediaType

2024-02-15 Thread PJ Fanning (Jira)

PJ Fanning created HADOOP-19078: --- Summary: reduce use of javax.ws.rs.core.MediaType Key: HADOOP-19078 URL: https://issues.apache.org/jira/browse/HADOOP-19078 Project: Hadoop Common Issue Type:

[jira] [Updated] (HADOOP-19076) move jersey code in hadoop-common jar to a new hadoop-jersey1-common jar

2024-02-15 Thread PJ Fanning (Jira)

[ https://issues.apache.org/jira/browse/HADOOP-19076?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] PJ Fanning updated HADOOP-19076: Description: Hadoop's Jersey dependencies are causing us real trouble. I'm wondering if it would

[jira] [Commented] (HADOOP-19076) move jersey code in hadoop-common jar to a new hadoop-jersey1-common jar

2024-02-15 Thread PJ Fanning (Jira)

[ https://issues.apache.org/jira/browse/HADOOP-19076?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17817730#comment-17817730 ] PJ Fanning commented on HADOOP-19076: - Thanks [~ste...@apache.org], the idea would

[jira] [Commented] (HADOOP-19076) move jersey code in hadoop-common jar to a new hadoop-jersey1-common jar

2024-02-15 Thread PJ Fanning (Jira)

[ https://issues.apache.org/jira/browse/HADOOP-19076?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17817696#comment-17817696 ] PJ Fanning commented on HADOOP-19076: - Thanks [~slfan1989] for the background on Je

[jira] [Created] (HADOOP-19077) remove use of javax.ws.rs.core.HttpHeaders

2024-02-15 Thread PJ Fanning (Jira)

PJ Fanning created HADOOP-19077: --- Summary: remove use of javax.ws.rs.core.HttpHeaders Key: HADOOP-19077 URL: https://issues.apache.org/jira/browse/HADOOP-19077 Project: Hadoop Common Issue Type

[jira] [Created] (HADOOP-19076) move jersey code in hadoop-common jar to a new hadoop-jersey1-common jar

2024-02-15 Thread PJ Fanning (Jira)

PJ Fanning created HADOOP-19076: --- Summary: move jersey code in hadoop-common jar to a new hadoop-jersey1-common jar Key: HADOOP-19076 URL: https://issues.apache.org/jira/browse/HADOOP-19076 Project: Had

[jira] [Commented] (HADOOP-15984) Update jersey from 1.19 to 2.x

2024-02-14 Thread PJ Fanning (Jira)

[ https://issues.apache.org/jira/browse/HADOOP-15984?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17817496#comment-17817496 ] PJ Fanning commented on HADOOP-15984: - It does look like we have some client side J

[jira] [Commented] (HADOOP-15984) Update jersey from 1.19 to 2.x

2024-02-14 Thread PJ Fanning (Jira)

[ https://issues.apache.org/jira/browse/HADOOP-15984?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17817492#comment-17817492 ] PJ Fanning commented on HADOOP-15984: - I don't understand why, for instance, hadoop

[jira] [Commented] (HADOOP-15984) Update jersey from 1.19 to 2.x

2024-02-14 Thread PJ Fanning (Jira)

[ https://issues.apache.org/jira/browse/HADOOP-15984?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17817480#comment-17817480 ] PJ Fanning commented on HADOOP-15984: - the jersey dependencies should only be expos

[jira] [Commented] (HADOOP-15984) Update jersey from 1.19 to 2.x

2024-02-13 Thread PJ Fanning (Jira)

[ https://issues.apache.org/jira/browse/HADOOP-15984?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17816897#comment-17816897 ] PJ Fanning commented on HADOOP-15984: - Jersey 1 uses jsr311 jar and Jersey2 uses rs

[jira] [Commented] (HADOOP-18895) upgrade to commons-compress 1.24.0 due to CVE

2024-01-16 Thread PJ Fanning (Jira)

[ https://issues.apache.org/jira/browse/HADOOP-18895?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17807140#comment-17807140 ] PJ Fanning commented on HADOOP-18895: - [~slfan1989] this was not reverted - it is s

[jira] [Created] (HADOOP-19041) further use of StandardCharsets

2024-01-14 Thread PJ Fanning (Jira)

PJ Fanning created HADOOP-19041: --- Summary: further use of StandardCharsets Key: HADOOP-19041 URL: https://issues.apache.org/jira/browse/HADOOP-19041 Project: Hadoop Common Issue Type: Task

[jira] [Created] (HADOOP-19024) change to bouncy castle jdk1.8 jars

2024-01-04 Thread PJ Fanning (Jira)

PJ Fanning created HADOOP-19024: --- Summary: change to bouncy castle jdk1.8 jars Key: HADOOP-19024 URL: https://issues.apache.org/jira/browse/HADOOP-19024 Project: Hadoop Common Issue Type: Task

[jira] [Created] (HADOOP-19014) use jsr311-compat jar to allow us to use Jackson 2.14.3

2023-12-19 Thread PJ Fanning (Jira)

PJ Fanning created HADOOP-19014: --- Summary: use jsr311-compat jar to allow us to use Jackson 2.14.3 Key: HADOOP-19014 URL: https://issues.apache.org/jira/browse/HADOOP-19014 Project: Hadoop Common

[jira] [Commented] (HADOOP-18936) Upgrade to jetty 9.4.53

2023-10-30 Thread PJ Fanning (Jira)

[ https://issues.apache.org/jira/browse/HADOOP-18936?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17781027#comment-17781027 ] PJ Fanning commented on HADOOP-18936: - [~coheigea] [~ayushtkn] I created https://gi

[jira] [Updated] (HADOOP-18957) Use StandardCharsets.UTF_8 constant

2023-10-27 Thread PJ Fanning (Jira)

[ https://issues.apache.org/jira/browse/HADOOP-18957?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] PJ Fanning updated HADOOP-18957: Description: * there are some places in the code that have to check for UnsupportedCharsetExcept

[jira] [Created] (HADOOP-18957) Use StandardCharsets.UTF_8 constant

2023-10-27 Thread PJ Fanning (Jira)

PJ Fanning created HADOOP-18957: --- Summary: Use StandardCharsets.UTF_8 constant Key: HADOOP-18957 URL: https://issues.apache.org/jira/browse/HADOOP-18957 Project: Hadoop Common Issue Type: Impro

[jira] [Created] (HADOOP-18949) upgrade maven dependency plugin due to security issue

2023-10-23 Thread PJ Fanning (Jira)

PJ Fanning created HADOOP-18949: --- Summary: upgrade maven dependency plugin due to security issue Key: HADOOP-18949 URL: https://issues.apache.org/jira/browse/HADOOP-18949 Project: Hadoop Common

[jira] [Commented] (HADOOP-18359) Update commons-cli from 1.2 to 1.5.

2023-10-19 Thread PJ Fanning (Jira)

[ https://issues.apache.org/jira/browse/HADOOP-18359?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=1299#comment-1299 ] PJ Fanning commented on HADOOP-18359: - [~coheigea] I have not been involved with th

[jira] [Updated] (HADOOP-18936) upgrade jetty to 9.4.53 due to CVEs

2023-10-12 Thread PJ Fanning (Jira)

[ https://issues.apache.org/jira/browse/HADOOP-18936?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] PJ Fanning updated HADOOP-18936: Description: 2 CVE fixes in https://github.com/jetty/jetty.project/releases/tag/jetty-9.4.53.v20

[jira] [Created] (HADOOP-18936) upgrade jetty to 9.4.53 due to CVEs

2023-10-12 Thread PJ Fanning (Jira)

PJ Fanning created HADOOP-18936: --- Summary: upgrade jetty to 9.4.53 due to CVEs Key: HADOOP-18936 URL: https://issues.apache.org/jira/browse/HADOOP-18936 Project: Hadoop Common Issue Type: Impro

[jira] [Created] (HADOOP-18933) upgrade netty to 4.1.100 due to CVE

2023-10-11 Thread PJ Fanning (Jira)

PJ Fanning created HADOOP-18933: --- Summary: upgrade netty to 4.1.100 due to CVE Key: HADOOP-18933 URL: https://issues.apache.org/jira/browse/HADOOP-18933 Project: Hadoop Common Issue Type: Impro

[jira] [Commented] (HADOOP-18929) Build failure while trying to create apache 3.3.7 release locally.

2023-10-10 Thread PJ Fanning (Jira)

[ https://issues.apache.org/jira/browse/HADOOP-18929?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17773818#comment-17773818 ] PJ Fanning commented on HADOOP-18929: - https://github.com/apache/hadoop/pull/6169

[jira] [Commented] (HADOOP-18929) Build failure while trying to create apache 3.3.7 release locally.

2023-10-10 Thread PJ Fanning (Jira)

[ https://issues.apache.org/jira/browse/HADOOP-18929?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17773810#comment-17773810 ] PJ Fanning commented on HADOOP-18929: - It looks like commons-compress 1.24.0 is the

[jira] [Created] (HADOOP-18924) upgrade grpc jars to v1.53.0 due to CVEs

2023-10-09 Thread PJ Fanning (Jira)

PJ Fanning created HADOOP-18924: --- Summary: upgrade grpc jars to v1.53.0 due to CVEs Key: HADOOP-18924 URL: https://issues.apache.org/jira/browse/HADOOP-18924 Project: Hadoop Common Issue Type:

[jira] [Created] (HADOOP-18921) upgrade avro in hadoop-thirdparty to 1.11.3

2023-10-04 Thread PJ Fanning (Jira)

PJ Fanning created HADOOP-18921: --- Summary: upgrade avro in hadoop-thirdparty to 1.11.3 Key: HADOOP-18921 URL: https://issues.apache.org/jira/browse/HADOOP-18921 Project: Hadoop Common Issue Typ

[jira] [Created] (HADOOP-18917) upgrade to commons-io 2.14.0

2023-09-30 Thread PJ Fanning (Jira)

PJ Fanning created HADOOP-18917: --- Summary: upgrade to commons-io 2.14.0 Key: HADOOP-18917 URL: https://issues.apache.org/jira/browse/HADOOP-18917 Project: Hadoop Common Issue Type: Improvement

[jira] [Updated] (HADOOP-18916) module-info classes from external dependencies appearing in uber jars

2023-09-30 Thread PJ Fanning (Jira)

[ https://issues.apache.org/jira/browse/HADOOP-18916?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] PJ Fanning updated HADOOP-18916: Description: hadoop-client-minicluster and hadoop-client-runtime try unsuccessfully to exclude m

[jira] [Created] (HADOOP-18916) module-info classes from external dependencies appearing in uber jars

2023-09-30 Thread PJ Fanning (Jira)

PJ Fanning created HADOOP-18916: --- Summary: module-info classes from external dependencies appearing in uber jars Key: HADOOP-18916 URL: https://issues.apache.org/jira/browse/HADOOP-18916 Project: Hadoop

[jira] [Commented] (HADOOP-17225) Update jackson-mapper-asl-1.9.13 to atlassian version to mitigate: CVE-2019-10172

2023-09-30 Thread PJ Fanning (Jira)

[ https://issues.apache.org/jira/browse/HADOOP-17225?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17770690#comment-17770690 ] PJ Fanning commented on HADOOP-17225: - This can probably be closed because latest h

[jira] [Created] (HADOOP-18912) upgrade snappy-java to 1.1.10.4 due to CVE

2023-09-25 Thread PJ Fanning (Jira)

PJ Fanning created HADOOP-18912: --- Summary: upgrade snappy-java to 1.1.10.4 due to CVE Key: HADOOP-18912 URL: https://issues.apache.org/jira/browse/HADOOP-18912 Project: Hadoop Common Issue Type

[jira] [Updated] (HADOOP-18895) upgrade to commons-compress 1.24.0 due to CVE

2023-09-14 Thread PJ Fanning (Jira)

[ https://issues.apache.org/jira/browse/HADOOP-18895?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] PJ Fanning updated HADOOP-18895: Description: Includes some important bug fixes including https://lists.apache.org/thread/g9lrsz8j

[jira] [Updated] (HADOOP-18895) upgrade to commons-compress 1.24.0 due to CVE

2023-09-14 Thread PJ Fanning (Jira)

[ https://issues.apache.org/jira/browse/HADOOP-18895?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] PJ Fanning updated HADOOP-18895: Description: Includes some important bug fixes including https://lists.apache.org/thread/g9lrsz8j

[jira] [Updated] (HADOOP-18895) upgrade to commons-compress 1.24.0 due to CVE

2023-09-14 Thread PJ Fanning (Jira)

[ https://issues.apache.org/jira/browse/HADOOP-18895?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] PJ Fanning updated HADOOP-18895: Summary: upgrade to commons-compress 1.24.0 due to CVE (was: upgrade to commons-compress 1.24.0)

[jira] [Created] (HADOOP-18895) upgrade to commons-compress 1.24.0

2023-09-13 Thread PJ Fanning (Jira)

PJ Fanning created HADOOP-18895: --- Summary: upgrade to commons-compress 1.24.0 Key: HADOOP-18895 URL: https://issues.apache.org/jira/browse/HADOOP-18895 Project: Hadoop Common Issue Type: Improv

[jira] [Updated] (HADOOP-18894) upgrade sshd-core due to CVEs

2023-09-13 Thread PJ Fanning (Jira)

[ https://issues.apache.org/jira/browse/HADOOP-18894?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] PJ Fanning updated HADOOP-18894: Description: https://mvnrepository.com/artifact/org.apache.sshd/sshd-core hadoop currently uses

[jira] [Created] (HADOOP-18894) upgrade sshd-core due to CVEs

2023-09-13 Thread PJ Fanning (Jira)

PJ Fanning created HADOOP-18894: --- Summary: upgrade sshd-core due to CVEs Key: HADOOP-18894 URL: https://issues.apache.org/jira/browse/HADOOP-18894 Project: Hadoop Common Issue Type: Bug

[jira] [Commented] (HADOOP-18890) remove okhttp usage

2023-09-12 Thread PJ Fanning (Jira)

[ https://issues.apache.org/jira/browse/HADOOP-18890?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17764306#comment-17764306 ] PJ Fanning commented on HADOOP-18890: - It seems to be used in a few places - notabl

[jira] [Created] (HADOOP-18890) remove okhttp usage

2023-09-12 Thread PJ Fanning (Jira)

PJ Fanning created HADOOP-18890: --- Summary: remove okhttp usage Key: HADOOP-18890 URL: https://issues.apache.org/jira/browse/HADOOP-18890 Project: Hadoop Common Issue Type: Bug Compone

[jira] [Created] (HADOOP-18783) upgrade netty to 4.1.94 due to CVE

2023-06-24 Thread PJ Fanning (Jira)

PJ Fanning created HADOOP-18783: --- Summary: upgrade netty to 4.1.94 due to CVE Key: HADOOP-18783 URL: https://issues.apache.org/jira/browse/HADOOP-18783 Project: Hadoop Common Issue Type: Task

[jira] [Created] (HADOOP-18782) upgrade to snappy-java 1.1.10.1 due to CVEs

2023-06-24 Thread PJ Fanning (Jira)

PJ Fanning created HADOOP-18782: --- Summary: upgrade to snappy-java 1.1.10.1 due to CVEs Key: HADOOP-18782 URL: https://issues.apache.org/jira/browse/HADOOP-18782 Project: Hadoop Common Issue Typ

[jira] [Comment Edited] (HADOOP-18033) Upgrade fasterxml Jackson to 2.13.0

2023-06-12 Thread PJ Fanning (Jira)

[ https://issues.apache.org/jira/browse/HADOOP-18033?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17731654#comment-17731654 ] PJ Fanning edited comment on HADOOP-18033 at 6/12/23 3:14 PM: ---

[jira] [Commented] (HADOOP-18033) Upgrade fasterxml Jackson to 2.13.0

2023-06-12 Thread PJ Fanning (Jira)

[ https://issues.apache.org/jira/browse/HADOOP-18033?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17731654#comment-17731654 ] PJ Fanning commented on HADOOP-18033: - We're stuck on Jackson 2.12 because of jerse

[jira] [Resolved] (HADOOP-18719) upgrade snakeyaml to 2.0 (fixes CVE-2022-1471)

2023-04-26 Thread PJ Fanning (Jira)

[ https://issues.apache.org/jira/browse/HADOOP-18719?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] PJ Fanning resolved HADOOP-18719. - Resolution: Duplicate > upgrade snakeyaml to 2.0 (fixes CVE-2022-1471) > --

[jira] [Created] (HADOOP-18719) upgrade snakeyaml to 2.0 (fixes CVE-2022-1471)

2023-04-26 Thread PJ Fanning (Jira)

PJ Fanning created HADOOP-18719: --- Summary: upgrade snakeyaml to 2.0 (fixes CVE-2022-1471) Key: HADOOP-18719 URL: https://issues.apache.org/jira/browse/HADOOP-18719 Project: Hadoop Common Issue

[jira] [Created] (HADOOP-18712) upgrade to jetty 9.4.51 due to cve

2023-04-19 Thread PJ Fanning (Jira)

PJ Fanning created HADOOP-18712: --- Summary: upgrade to jetty 9.4.51 due to cve Key: HADOOP-18712 URL: https://issues.apache.org/jira/browse/HADOOP-18712 Project: Hadoop Common Issue Type: Task

[jira] [Created] (HADOOP-18711) upgrade nimbus jwt jar due to issues in its embedded shaded json-smart code

2023-04-19 Thread PJ Fanning (Jira)

PJ Fanning created HADOOP-18711: --- Summary: upgrade nimbus jwt jar due to issues in its embedded shaded json-smart code Key: HADOOP-18711 URL: https://issues.apache.org/jira/browse/HADOOP-18711 Project:

[jira] [Updated] (HADOOP-18693) upgrade Apache Derby due to CVEs

2023-04-07 Thread PJ Fanning (Jira)

[ https://issues.apache.org/jira/browse/HADOOP-18693?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] PJ Fanning updated HADOOP-18693: Description: [https://github.com/advisories/GHSA-wr69-g62g-2r9h] [https://github.com/advisories/

[jira] [Updated] (HADOOP-18693) upgrade Apache Derby due to CVEs

2023-04-07 Thread PJ Fanning (Jira)

[ https://issues.apache.org/jira/browse/HADOOP-18693?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] PJ Fanning updated HADOOP-18693: Description: [https://github.com/advisories/GHSA-wr69-g62g-2r9h] [https://github.com/advisories/

[jira] [Created] (HADOOP-18693) upgrade Apache Derby due to CVEs

2023-04-07 Thread PJ Fanning (Jira)

PJ Fanning created HADOOP-18693: --- Summary: upgrade Apache Derby due to CVEs Key: HADOOP-18693 URL: https://issues.apache.org/jira/browse/HADOOP-18693 Project: Hadoop Common Issue Type: Task

[jira] [Created] (HADOOP-18658) snakeyaml dependency: upgrade to v2.0

2023-03-09 Thread PJ Fanning (Jira)

PJ Fanning created HADOOP-18658: --- Summary: snakeyaml dependency: upgrade to v2.0 Key: HADOOP-18658 URL: https://issues.apache.org/jira/browse/HADOOP-18658 Project: Hadoop Common Issue Type: Tas

[jira] [Comment Edited] (HADOOP-18619) replace jsr311-api dependency with rs-api

2023-02-10 Thread PJ Fanning (Jira)

[ https://issues.apache.org/jira/browse/HADOOP-18619?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17687104#comment-17687104 ] PJ Fanning edited comment on HADOOP-18619 at 2/10/23 5:40 PM: ---

[jira] [Comment Edited] (HADOOP-18619) replace jsr311-api dependency with rs-api

2023-02-10 Thread PJ Fanning (Jira)

[ https://issues.apache.org/jira/browse/HADOOP-18619?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17687104#comment-17687104 ] PJ Fanning edited comment on HADOOP-18619 at 2/10/23 2:54 PM: ---

[jira] [Commented] (HADOOP-18619) replace jsr311-api dependency with rs-api

2023-02-10 Thread PJ Fanning (Jira)

[ https://issues.apache.org/jira/browse/HADOOP-18619?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17687104#comment-17687104 ] PJ Fanning commented on HADOOP-18619: - I had a quick look and getting jersey-core t

[jira] [Comment Edited] (HADOOP-18619) replace jsr311-api dependency with rs-api

2023-02-10 Thread PJ Fanning (Jira)

[ https://issues.apache.org/jira/browse/HADOOP-18619?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17687023#comment-17687023 ] PJ Fanning edited comment on HADOOP-18619 at 2/10/23 10:51 AM: --

[jira] [Commented] (HADOOP-18619) replace jsr311-api dependency with rs-api

2023-02-10 Thread PJ Fanning (Jira)

[ https://issues.apache.org/jira/browse/HADOOP-18619?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17687023#comment-17687023 ] PJ Fanning commented on HADOOP-18619: - I haven't tried playing with jersey-core too

[jira] [Commented] (HADOOP-18619) replace jsr311-api dependency with rs-api

2023-02-07 Thread PJ Fanning (Jira)

[ https://issues.apache.org/jira/browse/HADOOP-18619?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17685255#comment-17685255 ] PJ Fanning commented on HADOOP-18619: - When 3.3.5 is released, jersey-json dependen

[jira] [Created] (HADOOP-18619) replace jsr311-api dependency with rs-api

2023-02-06 Thread PJ Fanning (Jira)

PJ Fanning created HADOOP-18619: --- Summary: replace jsr311-api dependency with rs-api Key: HADOOP-18619 URL: https://issues.apache.org/jira/browse/HADOOP-18619 Project: Hadoop Common Issue Type:

[jira] [Commented] (HADOOP-18587) upgrade to jettison 1.5.3 due to security issue

2023-01-16 Thread PJ Fanning (Jira)

[ https://issues.apache.org/jira/browse/HADOOP-18587?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17677381#comment-17677381 ] PJ Fanning commented on HADOOP-18587: - Would be nice to get it into 3.3.5 rc but if

[jira] [Updated] (HADOOP-18587) upgrade to jettison 1.5.2 due to security issue

2023-01-04 Thread PJ Fanning (Jira)

[ https://issues.apache.org/jira/browse/HADOOP-18587?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] PJ Fanning updated HADOOP-18587: Description: [https://github.com/advisories/GHSA-x27m-9w8j-5vcw] [https://github.com/jettison

[jira] [Created] (HADOOP-18587) upgrade to jettison 1.5.2 due to security issue

2023-01-03 Thread PJ Fanning (Jira)

PJ Fanning created HADOOP-18587: --- Summary: upgrade to jettison 1.5.2 due to security issue Key: HADOOP-18587 URL: https://issues.apache.org/jira/browse/HADOOP-18587 Project: Hadoop Common Issue

[jira] [Commented] (HADOOP-18342) Upgrade to Avro 1.11.1

2022-12-27 Thread PJ Fanning (Jira)

[ https://issues.apache.org/jira/browse/HADOOP-18342?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17652406#comment-17652406 ] PJ Fanning commented on HADOOP-18342: - The hadoop-thirdparty jar has not been relea

[jira] [Commented] (HADOOP-18575) Make XML transformer factory more lenient

2022-12-22 Thread PJ Fanning (Jira)

[ https://issues.apache.org/jira/browse/HADOOP-18575?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17651383#comment-17651383 ] PJ Fanning commented on HADOOP-18575: - [~ste...@apache.org] in terms of performance

[jira] [Commented] (HADOOP-18575) Make XML transformer factory more lenient

2022-12-22 Thread PJ Fanning (Jira)

[ https://issues.apache.org/jira/browse/HADOOP-18575?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17651325#comment-17651325 ] PJ Fanning commented on HADOOP-18575: - I guess that could be done. I might have tim

[jira] [Commented] (HADOOP-18575) make transformer factory creation more lenient

2022-12-14 Thread PJ Fanning (Jira)

[ https://issues.apache.org/jira/browse/HADOOP-18575?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17647667#comment-17647667 ] PJ Fanning commented on HADOOP-18575: - https://github.com/apache/hadoop/pull/5224

[jira] [Created] (HADOOP-18575) make transformer factory creation more lenient

2022-12-14 Thread PJ Fanning (Jira)

PJ Fanning created HADOOP-18575: --- Summary: make transformer factory creation more lenient Key: HADOOP-18575 URL: https://issues.apache.org/jira/browse/HADOOP-18575 Project: Hadoop Common Issue

[jira] [Commented] (HADOOP-18469) Add XMLUtils methods to centralise code that creates secure XML parsers

2022-12-14 Thread PJ Fanning (Jira)

[ https://issues.apache.org/jira/browse/HADOOP-18469?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17647590#comment-17647590 ] PJ Fanning commented on HADOOP-18469: - I raised [https://github.com/apache/hadoop/p

[jira] [Commented] (HADOOP-18469) Add XMLUtils methods to centralise code that creates secure XML parsers

2022-12-14 Thread PJ Fanning (Jira)

[ https://issues.apache.org/jira/browse/HADOOP-18469?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17647565#comment-17647565 ] PJ Fanning commented on HADOOP-18469: - In Apache POI, they use a best effort approa

[jira] [Commented] (HADOOP-17563) Update Bouncy Castle to 1.68 or later

2022-12-04 Thread PJ Fanning (Jira)

[ https://issues.apache.org/jira/browse/HADOOP-17563?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17643063#comment-17643063 ] PJ Fanning commented on HADOOP-17563: - This class is in bcprov-jdk15on-1.60.jar and

[jira] [Commented] (HADOOP-18512) upgrade woodstox-core to 5.4.0 for security fix

2022-10-28 Thread PJ Fanning (Jira)

[ https://issues.apache.org/jira/browse/HADOOP-18512?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17625587#comment-17625587 ] PJ Fanning commented on HADOOP-18512: - Not likely to be something that can be explo

[jira] [Commented] (HADOOP-15983) Use jersey-json that is built to use jackson2

2022-10-19 Thread PJ Fanning (Jira)

[ https://issues.apache.org/jira/browse/HADOOP-15983?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17620662#comment-17620662 ] PJ Fanning commented on HADOOP-15983: - [~ste...@apache.org] I can look at doing a P

1 2 >

1 - 100 of 180 matches

Mail list logo