You are viewing a plain text version of this content. The canonical link for it is here.

Posted to commits@beam.apache.org by "Etienne Chauchot (JIRA)" <ji...@apache.org> on 2018/05/02 15:13:00 UTC

[jira] [Created] (BEAM-4226) Migrate hadoop dependency to 2.7.4 or upper to fix a CVE

Etienne Chauchot created BEAM-4226:
--------------------------------------

             Summary: Migrate hadoop dependency to 2.7.4 or upper to fix a CVE
                 Key: BEAM-4226
                 URL: https://issues.apache.org/jira/browse/BEAM-4226
             Project: Beam
          Issue Type: Task
          Components: sdk-java-core
            Reporter: Etienne Chauchot
            Assignee: Etienne Chauchot


apache hadoop is subject to a vulnerability:

CVE-2016-6811: Apache Hadoop Privilege escalation vulnerability

We should upgrade the dep to maybe 2.7.4 which is the closest to what we actually use (2.7.3)



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)