You are viewing a plain text version of this content. The canonical link for it is here.
Posted to hdfs-dev@hadoop.apache.org by Akira Ajisaka <aa...@apache.org> on 2017/05/09 03:34:20 UTC
Re: CVE-2017-3161/CVE-2017-3162 question
# Added hdfs-dev ML and moved general ML to Bcc
Hi Christopher,
https://issues.apache.org/jira/browse/HDFS-6252 is the main issue and it
removes the old HDFS web UI. Probably the patch in this issue does not
apply to 2.4.1, so you need to rebase it. After applying HDFS-6252, the
following issues need to be fixed to run unit tests successfully.
* HDFS-7880
* HDFS-7635
Hope it helps.
Regards,
Akira
On 2017/05/05 11:55, Christopher wrote:
> Is there any patch available for CVE-2017-3161 or CVE-2017-3162 that can
> apply to 2.4.1?
>
> Fedora currently ships Hadoop 2.4.1 in F25, and I'm wondering if there's
> any way I can get some upstream support to help mitigate this in the Fedora
> packaging to address: https://bugzilla.redhat.com/show_bug.cgi?id=1448374
>
> Otherwise, I'm going to have to leave these problems in place for F25,
> until F26 is released (which will ship with Hadoop 2.7.3).
>
> Any help to backport or apply a patch to address these would be appreciated.
>
> Thanks.
>
---------------------------------------------------------------------
To unsubscribe, e-mail: hdfs-dev-unsubscribe@hadoop.apache.org
For additional commands, e-mail: hdfs-dev-help@hadoop.apache.org