You are viewing a plain text version of this content. The canonical link for it is here.

Posted to issues-all@impala.apache.org by "Joe McDonnell (Jira)" <ji...@apache.org> on 2023/04/20 16:09:00 UTC

[jira] [Resolved] (IMPALA-12063) Upgrade to a version of zlib with fix for CVE-2022-37434

     [ https://issues.apache.org/jira/browse/IMPALA-12063?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Joe McDonnell resolved IMPALA-12063.
------------------------------------
    Fix Version/s: Impala 4.3.0
       Resolution: Fixed

> Upgrade to a version of zlib with fix for CVE-2022-37434
> --------------------------------------------------------
>
>                 Key: IMPALA-12063
>                 URL: https://issues.apache.org/jira/browse/IMPALA-12063
>             Project: IMPALA
>          Issue Type: Bug
>          Components: Backend
>    Affects Versions: Impala 4.3.0
>            Reporter: Joe McDonnell
>            Assignee: Joe McDonnell
>            Priority: Major
>             Fix For: Impala 4.3.0
>
>
> Zlib fixed [CVE-2022-37434|https://nvd.nist.gov/vuln/detail/CVE-2022-37434] in version 1.2.13. This impacts inflateGetHeader(), which we do not use, so this is not expected to have any impact on Impala. Moving to the new zlib 1.2.13 avoids any uncertainty about this.



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

---------------------------------------------------------------------
To unsubscribe, e-mail: issues-all-unsubscribe@impala.apache.org
For additional commands, e-mail: issues-all-help@impala.apache.org