Re: CVE-2017-3161/CVE-2017-3162 question

[Akira Ajisaka <aa...@apache.org>]

# Added hdfs-dev ML and moved general ML to Bcc

Hi Christopher,

https://issues.apache.org/jira/browse/HDFS-6252 is the main issue and it 
removes the old HDFS web UI. Probably the patch in this issue does not 
apply to 2.4.1, so you need to rebase it. After applying HDFS-6252, the 
following issues need to be fixed to run unit tests successfully.

* HDFS-7880
* HDFS-7635

Hope it helps.

Regards,
Akira

On 2017/05/05 11:55, Christopher wrote:
> Is there any patch available for CVE-2017-3161 or CVE-2017-3162 that can
> apply to 2.4.1?
>
> Fedora currently ships Hadoop 2.4.1 in F25, and I'm wondering if there's
> any way I can get some upstream support to help mitigate this in the Fedora
> packaging to address: https://bugzilla.redhat.com/show_bug.cgi?id=1448374
>
> Otherwise, I'm going to have to leave these problems in place for F25,
> until F26 is released (which will ship with Hadoop 2.7.3).
>
> Any help to backport or apply a patch to address these would be appreciated.
>
> Thanks.
>

---------------------------------------------------------------------
To unsubscribe, e-mail: hdfs-dev-unsubscribe@hadoop.apache.org
For additional commands, e-mail: hdfs-dev-help@hadoop.apache.org