You are viewing a plain text version of this content. The canonical link for it is here.

Posted to gitbox@hive.apache.org by GitBox <gi...@apache.org> on 2022/02/09 11:15:50 UTC

[GitHub] [hive] shameersss1 opened a new pull request #3008: HIVE-25942: Upgrade commons-io to 2.8.0 due to CVE-2021-29425

shameersss1 opened a new pull request #3008:
URL: https://github.com/apache/hive/pull/3008


   Due to [CVE-2021-29425](https://nvd.nist.gov/vuln/detail/CVE-2021-29425) all the commons-io versions below 2.7 are affected.
   
   Tez and Hadoop have upgraded commons-io to 2.8.0 in [TEZ-4353](https://issues.apache.org/jira/browse/TEZ-4353) and [HADOOP-17683](https://issues.apache.org/jira/browse/HADOOP-17683) respectively and it will be good if Hive also follows the same.


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: gitbox-unsubscribe@hive.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org



---------------------------------------------------------------------
To unsubscribe, e-mail: gitbox-unsubscribe@hive.apache.org
For additional commands, e-mail: gitbox-help@hive.apache.org

[GitHub] [hive] kgyrtkirk merged pull request #3008: HIVE-25942: Upgrade commons-io to 2.8.0 due to CVE-2021-29425

Posted by GitBox <gi...@apache.org>.

kgyrtkirk merged pull request #3008:
URL: https://github.com/apache/hive/pull/3008


   


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: gitbox-unsubscribe@hive.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org



---------------------------------------------------------------------
To unsubscribe, e-mail: gitbox-unsubscribe@hive.apache.org
For additional commands, e-mail: gitbox-help@hive.apache.org

[GitHub] [hive] shameersss1 commented on pull request #3008: HIVE-25942: Upgrade commons-io to 2.8.0 due to CVE-2021-29425

Posted by GitBox <gi...@apache.org>.

shameersss1 commented on pull request #3008:
URL: https://github.com/apache/hive/pull/3008#issuecomment-1038029216


   @kgyrtkirk - Finally a green run. Can we merge this?


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: gitbox-unsubscribe@hive.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org



---------------------------------------------------------------------
To unsubscribe, e-mail: gitbox-unsubscribe@hive.apache.org
For additional commands, e-mail: gitbox-help@hive.apache.org

[GitHub] [hive] shameersss1 commented on pull request #3008: HIVE-25942: Upgrade commons-io to 2.8.0 due to CVE-2021-29425

Posted by GitBox <gi...@apache.org>.

shameersss1 commented on pull request #3008:
URL: https://github.com/apache/hive/pull/3008#issuecomment-1033740075


   @kgyrtkirk Could you please review the changes?


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: gitbox-unsubscribe@hive.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org



---------------------------------------------------------------------
To unsubscribe, e-mail: gitbox-unsubscribe@hive.apache.org
For additional commands, e-mail: gitbox-help@hive.apache.org

[GitHub] [hive] shameersss1 commented on pull request #3008: HIVE-25942: Upgrade commons-io to 2.8.0 due to CVE-2021-29425

Posted by GitBox <gi...@apache.org>.

shameersss1 commented on pull request #3008:
URL: https://github.com/apache/hive/pull/3008#issuecomment-1038029216


   @kgyrtkirk - Finally a green run. Can we merge this?


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: gitbox-unsubscribe@hive.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org



---------------------------------------------------------------------
To unsubscribe, e-mail: gitbox-unsubscribe@hive.apache.org
For additional commands, e-mail: gitbox-help@hive.apache.org

[GitHub] [hive] kgyrtkirk merged pull request #3008: HIVE-25942: Upgrade commons-io to 2.8.0 due to CVE-2021-29425

Posted by GitBox <gi...@apache.org>.

kgyrtkirk merged pull request #3008:
URL: https://github.com/apache/hive/pull/3008


   


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: gitbox-unsubscribe@hive.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org



---------------------------------------------------------------------
To unsubscribe, e-mail: gitbox-unsubscribe@hive.apache.org
For additional commands, e-mail: gitbox-help@hive.apache.org

[GitHub] [hive] kgyrtkirk commented on pull request #3008: HIVE-25942: Upgrade commons-io to 2.8.0 due to CVE-2021-29425

Posted by GitBox <gi...@apache.org>.

kgyrtkirk commented on pull request #3008:
URL: https://github.com/apache/hive/pull/3008#issuecomment-1036054863


   I wonder how this could have happened:
   ```
   Caused by: org.apache.hadoop.hive.ql.exec.UDFArgumentException:  Scalar subquery expression returns more than one row.
   	at org.apache.hadoop.hive.ql.udf.generic.GenericUDFSQCountCheck.evaluate(GenericUDFSQCountCheck.java:63)
   ```
   
   it doesn't seem related - let's run it again..


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: gitbox-unsubscribe@hive.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org



---------------------------------------------------------------------
To unsubscribe, e-mail: gitbox-unsubscribe@hive.apache.org
For additional commands, e-mail: gitbox-help@hive.apache.org

[GitHub] [hive] kgyrtkirk commented on pull request #3008: HIVE-25942: Upgrade commons-io to 2.8.0 due to CVE-2021-29425

Posted by GitBox <gi...@apache.org>.

kgyrtkirk commented on pull request #3008:
URL: https://github.com/apache/hive/pull/3008#issuecomment-1038038083


   @shameersss1 ; yeah - its particularily annoying when failures like this happen when it doesnt seem related at all


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: gitbox-unsubscribe@hive.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org



---------------------------------------------------------------------
To unsubscribe, e-mail: gitbox-unsubscribe@hive.apache.org
For additional commands, e-mail: gitbox-help@hive.apache.org

[GitHub] [hive] kgyrtkirk commented on pull request #3008: HIVE-25942: Upgrade commons-io to 2.8.0 due to CVE-2021-29425

Posted by GitBox <gi...@apache.org>.

kgyrtkirk commented on pull request #3008:
URL: https://github.com/apache/hive/pull/3008#issuecomment-1038038083


   @shameersss1 ; yeah - its particularily annoying when failures like this happen when it doesnt seem related at all


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: gitbox-unsubscribe@hive.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org



---------------------------------------------------------------------
To unsubscribe, e-mail: gitbox-unsubscribe@hive.apache.org
For additional commands, e-mail: gitbox-help@hive.apache.org

[GitHub] [hive] shameersss1 commented on pull request #3008: HIVE-25942: Upgrade commons-io to 2.8.0 due to CVE-2021-29425

Posted by GitBox <gi...@apache.org>.

shameersss1 commented on pull request #3008:
URL: https://github.com/apache/hive/pull/3008#issuecomment-1034382231


   > pending tests
   
   The two failing tests subquery_scalar_corr_multi_rows and mapjoin_memcheck looks flaky. It passed on re-run from local machine. @kgyrtkirk  are we good to merge this?


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: gitbox-unsubscribe@hive.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org



---------------------------------------------------------------------
To unsubscribe, e-mail: gitbox-unsubscribe@hive.apache.org
For additional commands, e-mail: gitbox-help@hive.apache.org

[GitHub] [hive] shameersss1 commented on pull request #3008: HIVE-25942: Upgrade commons-io to 2.8.0 due to CVE-2021-29425

Posted by GitBox <gi...@apache.org>.

shameersss1 commented on pull request #3008:
URL: https://github.com/apache/hive/pull/3008#issuecomment-1036964861


   @kgyrtkirk  - Re-triggering the test one more time.


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: gitbox-unsubscribe@hive.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org



---------------------------------------------------------------------
To unsubscribe, e-mail: gitbox-unsubscribe@hive.apache.org
For additional commands, e-mail: gitbox-help@hive.apache.org

[GitHub] [hive] shameersss1 edited a comment on pull request #3008: HIVE-25942: Upgrade commons-io to 2.8.0 due to CVE-2021-29425

Posted by GitBox <gi...@apache.org>.

shameersss1 edited a comment on pull request #3008:
URL: https://github.com/apache/hive/pull/3008#issuecomment-1036215455


   @kgyrtkirk  - Those two passed!! Now another now which passed in previous run is failing. This is for sure flaky!


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: gitbox-unsubscribe@hive.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org



---------------------------------------------------------------------
To unsubscribe, e-mail: gitbox-unsubscribe@hive.apache.org
For additional commands, e-mail: gitbox-help@hive.apache.org

[GitHub] [hive] shameersss1 commented on pull request #3008: HIVE-25942: Upgrade commons-io to 2.8.0 due to CVE-2021-29425

Posted by GitBox <gi...@apache.org>.

shameersss1 commented on pull request #3008:
URL: https://github.com/apache/hive/pull/3008#issuecomment-1036215455


   @kgyrtkirk  - Those two passed!! Now another now which passed in previous run. This is for sure flaky!


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: gitbox-unsubscribe@hive.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org



---------------------------------------------------------------------
To unsubscribe, e-mail: gitbox-unsubscribe@hive.apache.org
For additional commands, e-mail: gitbox-help@hive.apache.org

[GitHub] [hive] shameersss1 commented on pull request #3008: HIVE-25942: Upgrade commons-io to 2.8.0 due to CVE-2021-29425

Posted by GitBox <gi...@apache.org>.

shameersss1 commented on pull request #3008:
URL: https://github.com/apache/hive/pull/3008#issuecomment-1035962676


   @kgyrtkirk - Are we good to merge this? Or should i re-trigger the test pipeline?


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: gitbox-unsubscribe@hive.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org



---------------------------------------------------------------------
To unsubscribe, e-mail: gitbox-unsubscribe@hive.apache.org
For additional commands, e-mail: gitbox-help@hive.apache.org