You are viewing a plain text version of this content. The canonical link for it is here.

Posted to issues@drill.apache.org by "ASF GitHub Bot (Jira)" <ji...@apache.org> on 2022/05/16 08:31:00 UTC

[jira] [Commented] (DRILL-8200) Update Hadoop libs to ≥ 3.2.3 for CVE-2022-26612

    [ https://issues.apache.org/jira/browse/DRILL-8200?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17537399#comment-17537399 ] 

ASF GitHub Bot commented on DRILL-8200:
---------------------------------------

jnturton opened a new pull request, #2550:
URL: https://github.com/apache/drill/pull/2550

   # [DRILL-8200](https://issues.apache.org/jira/browse/DRILL-8200): Update Hadoop libs to ≥ 3.2.3 for CVE-2022-26612
   
   ## Description
   
   The previous PR for this update did everything except set hadoop.version = 3.23.
   
   ## Documentation
   N/A
   
   ## Testing
   Existing test coverage.
   




> Update Hadoop libs to ≥ 3.2.3 for CVE-2022-26612
> ------------------------------------------------
>
>                 Key: DRILL-8200
>                 URL: https://issues.apache.org/jira/browse/DRILL-8200
>             Project: Apache Drill
>          Issue Type: Bug
>          Components: library
>    Affects Versions: 1.20.0
>            Reporter: James Turton
>            Assignee: James Turton
>            Priority: Critical
>             Fix For: 1.20.1
>
>
> Note: part of upgrading Drill's Hadoop libs is incorporating a new build of winutils with matching version number, and currently there is not one published at [https://github.com/cdarlint/winutils].



--
This message was sent by Atlassian Jira
(v8.20.7#820007)