You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@parquet.apache.org by "ASF GitHub Bot (JIRA)" <ji...@apache.org> on 2018/08/02 16:45:00 UTC

[jira] [Commented] (PARQUET-1367) upgrade libraries to work around security issues

    [ https://issues.apache.org/jira/browse/PARQUET-1367?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16567049#comment-16567049 ] 

ASF GitHub Bot commented on PARQUET-1367:
-----------------------------------------

mattdarwin opened a new pull request #508: PARQUET-1367 upgrade a few libs for security reasons
URL: https://github.com/apache/parquet-mr/pull/508
 
 
   There are a number of libraries which need updating.  Among other reasons, there are [several security issues filed in CVE for Hadoop|https://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=hadoop|https://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=hadoop] and [guava](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10237)

----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on GitHub and use the
URL above to go to the specific comment.
 
For queries about this service, please contact Infrastructure at:
users@infra.apache.org


> upgrade libraries to work around security issues
> ------------------------------------------------
>
>                 Key: PARQUET-1367
>                 URL: https://issues.apache.org/jira/browse/PARQUET-1367
>             Project: Parquet
>          Issue Type: Bug
>          Components: parquet-mr
>    Affects Versions: 1.10.0
>            Reporter: Matt Darwin
>            Priority: Major
>              Labels: pull-request-available, security
>   Original Estimate: 1h
>  Remaining Estimate: 1h
>
> There are a number of libraries which need updating.  Among other reasons, there are [several security issues filed in CVE for Hadoop|[https://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=hadoop]|https://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=hadoop] and [guava](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10237)
>  
>  



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)