You are viewing a plain text version of this content. The canonical link for it is here.

Posted to issues@hbase.apache.org by Situ Shigh <si...@gmail.com> on 2021/03/20 11:48:23 UTC

RE: [jira] [Work started] (HBASE-25568) Upgrade Thrift jar to fix CVE-2020-13949

On 2021/02/15 13:02:00 "Pankaj Kumar (Jira)" wrote:
>
>      [
https://issues.apache.org/jira/browse/HBASE-25568?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
>
> Work on HBASE-25568 started by Pankaj Kumar.
> --------------------------------------------
> > Upgrade Thrift jar to fix CVE-2020-13949
> > ----------------------------------------
> >
> >                 Key: HBASE-25568
> >                 URL: https://issues.apache.org/jira/browse/HBASE-25568
> >             Project: HBase
> >          Issue Type: Bug
> >          Components: Thrift
> >            Reporter: Pankaj Kumar
> >            Assignee: Pankaj Kumar
> >            Priority: Critical
> >
> > There is potential DoS when processing untrusted Thrift payloads,
> > https://seclists.org/oss-sec/2021/q1/140
>
>
>
> --
> This message was sent by Atlassian Jira
> (v8.3.4#803005)
>