You are viewing a plain text version of this content. The canonical link for it is here.

Posted to issues-all@impala.apache.org by "Joe McDonnell (Jira)" <ji...@apache.org> on 2023/04/19 23:05:00 UTC

[jira] [Assigned] (IMPALA-12063) Upgrade to a version of zlib with fix for CVE-2022-37434

     [ https://issues.apache.org/jira/browse/IMPALA-12063?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Joe McDonnell reassigned IMPALA-12063:
--------------------------------------

    Assignee: Joe McDonnell

> Upgrade to a version of zlib with fix for CVE-2022-37434
> --------------------------------------------------------
>
>                 Key: IMPALA-12063
>                 URL: https://issues.apache.org/jira/browse/IMPALA-12063
>             Project: IMPALA
>          Issue Type: Bug
>          Components: Backend
>    Affects Versions: Impala 4.3.0
>            Reporter: Joe McDonnell
>            Assignee: Joe McDonnell
>            Priority: Major
>
> Zlib fixed [CVE-2022-37434|https://nvd.nist.gov/vuln/detail/CVE-2022-37434] in version 1.2.13. This impacts inflateGetHeader(), which we do not use, so this is not expected to have any impact on Impala. Moving to the new zlib 1.2.13 avoids any uncertainty about this.



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

---------------------------------------------------------------------
To unsubscribe, e-mail: issues-all-unsubscribe@impala.apache.org
For additional commands, e-mail: issues-all-help@impala.apache.org