You are viewing a plain text version of this content. The canonical link for it is here.
Posted to common-dev@hadoop.apache.org by Bill Au <bi...@gmail.com> on 2010/07/21 14:58:10 UTC
Re: Java 1.6.0_19 & Hadoop
Now that jdk 1.6.0_21 is out, has anyone been running it with Hadoop? We
have also had problem running Hadoop with 1.6.0_18. So what version of
1.6.0 would people recommend for use with Hadoop?
Bill
On Tue, Apr 6, 2010 at 12:09 PM, Steve Loughran <st...@apache.org> wrote:
> Todd Lipcon wrote:
>
>> I was seeing errors in 18 without escape analysis explicitly enabled. So
>> unless it became enabled by default in 18, I don't think that was the
>> issue.
>>
>
> That's not good. The security fixes in this JVM do hint it's something to
> deploy sooner rather than later.
>
> http://isc.sans.org/diary.html?storyid=8572
>
> http://www.oracle.com/technology/deploy/security/critical-patch-updates/javacpumar2010.html
>
> "Due to the threat posed by a successful attack, Oracle strongly recommends
> that customers apply CPU fixes as soon as possible. This Critical Patch
> Update contains 27 new security fixes across all products."
>
> There's something involving imageIO, which may imply JPEG or other image
> processing as a vulnerability; the other details are too vague to be sure
> what the implications are.
>
Re: Java 1.6.0_19 & Hadoop
Posted by Allen Wittenauer <aw...@linkedin.com>.
I seem to be ok with the little bit of _20 I've been using.
On Jul 21, 2010, at 5:58 AM, Bill Au wrote:
> Now that jdk 1.6.0_21 is out, has anyone been running it with Hadoop? We
> have also had problem running Hadoop with 1.6.0_18. So what version of
> 1.6.0 would people recommend for use with Hadoop?
>
> Bill
>
> On Tue, Apr 6, 2010 at 12:09 PM, Steve Loughran <st...@apache.org> wrote:
>
>> Todd Lipcon wrote:
>>
>>> I was seeing errors in 18 without escape analysis explicitly enabled. So
>>> unless it became enabled by default in 18, I don't think that was the
>>> issue.
>>>
>>
>> That's not good. The security fixes in this JVM do hint it's something to
>> deploy sooner rather than later.
>>
>> http://isc.sans.org/diary.html?storyid=8572
>>
>> http://www.oracle.com/technology/deploy/security/critical-patch-updates/javacpumar2010.html
>>
>> "Due to the threat posed by a successful attack, Oracle strongly recommends
>> that customers apply CPU fixes as soon as possible. This Critical Patch
>> Update contains 27 new security fixes across all products."
>>
>> There's something involving imageIO, which may imply JPEG or other image
>> processing as a vulnerability; the other details are too vague to be sure
>> what the implications are.
>>