You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues-all@impala.apache.org by "David Knupp (Jira)" <ji...@apache.org> on 2020/04/23 23:57:00 UTC
[jira] [Reopened] (IMPALA-9649) Exclude shiro-crypto-core and
shiro-core jars from maven download
[ https://issues.apache.org/jira/browse/IMPALA-9649?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
David Knupp reopened IMPALA-9649:
---------------------------------
> Exclude shiro-crypto-core and shiro-core jars from maven download
> -----------------------------------------------------------------
>
> Key: IMPALA-9649
> URL: https://issues.apache.org/jira/browse/IMPALA-9649
> Project: IMPALA
> Issue Type: Bug
> Components: Frontend
> Affects Versions: Impala 4.0
> Reporter: David Knupp
> Assignee: David Knupp
> Priority: Major
> Fix For: Impala 4.0
>
>
> These jars have known security vulnerabilities. They are included as part of Sentry, and are not used by Impala directly.
> There's a currently a plan to remove Sentry altogether, but since will require non-trivial effort, until that time, let's exclude these items from the maven download.
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
---------------------------------------------------------------------
To unsubscribe, e-mail: issues-all-unsubscribe@impala.apache.org
For additional commands, e-mail: issues-all-help@impala.apache.org