You are viewing a plain text version of this content. The canonical link for it is here.
Posted to common-issues@hadoop.apache.org by "Tsuyoshi OZAWA (JIRA)" <ji...@apache.org> on 2014/11/03 17:32:34 UTC
[jira] [Commented] (HADOOP-11260) Patch up Jetty to disable SSLv3
[ https://issues.apache.org/jira/browse/HADOOP-11260?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14194700#comment-14194700 ]
Tsuyoshi OZAWA commented on HADOOP-11260:
-----------------------------------------
[~yoderme], thank you for taking this JIRA. This note from Intalio can help you: https://gist.github.com/joakime/1fa3dfc937ffd8acd8df#file-cve-2014-2566-markdown
> Patch up Jetty to disable SSLv3
> -------------------------------
>
> Key: HADOOP-11260
> URL: https://issues.apache.org/jira/browse/HADOOP-11260
> Project: Hadoop Common
> Issue Type: Bug
> Components: security
> Affects Versions: 2.5.1
> Reporter: Karthik Kambatla
> Assignee: Mike Yoder
> Priority: Blocker
>
> Hadoop uses an older version of Jetty that allows SSLv3. We should fix it up.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)