You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@beam.apache.org by "Etienne Chauchot (JIRA)" <ji...@apache.org> on 2018/05/02 15:13:00 UTC
[jira] [Created] (BEAM-4226) Migrate hadoop dependency to 2.7.4 or
upper to fix a CVE
Etienne Chauchot created BEAM-4226:
--------------------------------------
Summary: Migrate hadoop dependency to 2.7.4 or upper to fix a CVE
Key: BEAM-4226
URL: https://issues.apache.org/jira/browse/BEAM-4226
Project: Beam
Issue Type: Task
Components: sdk-java-core
Reporter: Etienne Chauchot
Assignee: Etienne Chauchot
apache hadoop is subject to a vulnerability:
CVE-2016-6811: Apache Hadoop Privilege escalation vulnerability
We should upgrade the dep to maybe 2.7.4 which is the closest to what we actually use (2.7.3)
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)