You are viewing a plain text version of this content. The canonical link for it is here.

Posted to common-dev@hadoop.apache.org by Bill Au <bi...@gmail.com> on 2010/07/21 14:58:10 UTC

Re: Java 1.6.0_19 & Hadoop

Now that jdk 1.6.0_21 is out, has anyone been running it with Hadoop?  We
have also had problem running Hadoop with 1.6.0_18.  So what version of
1.6.0 would people recommend for use with Hadoop?

Bill

On Tue, Apr 6, 2010 at 12:09 PM, Steve Loughran <st...@apache.org> wrote:

> Todd Lipcon wrote:
>
>> I was seeing errors in 18 without escape analysis explicitly enabled. So
>> unless it became enabled by default in 18, I don't think that was the
>> issue.
>>
>
> That's not good. The security fixes in this JVM do hint it's something to
> deploy sooner rather than later.
>
> http://isc.sans.org/diary.html?storyid=8572
>
> http://www.oracle.com/technology/deploy/security/critical-patch-updates/javacpumar2010.html
>
> "Due to the threat posed by a successful attack, Oracle strongly recommends
> that customers apply CPU fixes as soon as possible.  This Critical Patch
> Update contains 27 new security fixes across all products."
>
> There's something involving imageIO, which may imply JPEG or other image
> processing as a vulnerability; the other details are too vague to be sure
> what the implications are.
>

Re: Java 1.6.0_19 & Hadoop

Posted by Allen Wittenauer <aw...@linkedin.com>.

I seem to be ok with the little bit of _20 I've been using.

On Jul 21, 2010, at 5:58 AM, Bill Au wrote:

> Now that jdk 1.6.0_21 is out, has anyone been running it with Hadoop?  We
> have also had problem running Hadoop with 1.6.0_18.  So what version of
> 1.6.0 would people recommend for use with Hadoop?
> 
> Bill
> 
> On Tue, Apr 6, 2010 at 12:09 PM, Steve Loughran <st...@apache.org> wrote:
> 
>> Todd Lipcon wrote:
>> 
>>> I was seeing errors in 18 without escape analysis explicitly enabled. So
>>> unless it became enabled by default in 18, I don't think that was the
>>> issue.
>>> 
>> 
>> That's not good. The security fixes in this JVM do hint it's something to
>> deploy sooner rather than later.
>> 
>> http://isc.sans.org/diary.html?storyid=8572
>> 
>> http://www.oracle.com/technology/deploy/security/critical-patch-updates/javacpumar2010.html
>> 
>> "Due to the threat posed by a successful attack, Oracle strongly recommends
>> that customers apply CPU fixes as soon as possible.  This Critical Patch
>> Update contains 27 new security fixes across all products."
>> 
>> There's something involving imageIO, which may imply JPEG or other image
>> processing as a vulnerability; the other details are too vague to be sure
>> what the implications are.
>>