You are viewing a plain text version of this content. The canonical link for it is here.

Posted to issues-all@impala.apache.org by "Joe McDonnell (Jira)" <ji...@apache.org> on 2023/04/14 22:40:00 UTC

[jira] [Created] (IMPALA-12063) Upgrade to a version of zlib with fix for CVE-2022-37434

Joe McDonnell created IMPALA-12063:
--------------------------------------

             Summary: Upgrade to a version of zlib with fix for CVE-2022-37434
                 Key: IMPALA-12063
                 URL: https://issues.apache.org/jira/browse/IMPALA-12063
             Project: IMPALA
          Issue Type: Bug
          Components: Backend
    Affects Versions: Impala 4.3.0
            Reporter: Joe McDonnell


Zlib fixed [CVE-2022-37434|https://nvd.nist.gov/vuln/detail/CVE-2022-37434] in version 1.2.13. This impacts inflateGetHeader(), which we do not use, so this is not expected to have any impact on Impala. Moving to the new zlib 1.2.13 avoids any uncertainty about this.



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

---------------------------------------------------------------------
To unsubscribe, e-mail: issues-all-unsubscribe@impala.apache.org
For additional commands, e-mail: issues-all-help@impala.apache.org