You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@hive.apache.org by "Abhay (Jira)" <ji...@apache.org> on 2021/11/12 22:24:00 UTC
[jira] [Assigned] (HIVE-25696) Hive - Upgrade Spring framework to
5.3.10+/5.2.17+ due to CVE-2021-22118, CVE-2021-22096
[ https://issues.apache.org/jira/browse/HIVE-25696?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Abhay reassigned HIVE-25696:
----------------------------
> Hive - Upgrade Spring framework to 5.3.10+/5.2.17+ due to CVE-2021-22118, CVE-2021-22096
> ----------------------------------------------------------------------------------------
>
> Key: HIVE-25696
> URL: https://issues.apache.org/jira/browse/HIVE-25696
> Project: Hive
> Issue Type: Bug
> Reporter: Abhay
> Assignee: Abhay
> Priority: Major
>
> Hive is currently pulling in 4.3.29, which is unsupported and vulnerable. Please upgrade to 5.2.17+/5.3.10+
> Also, the spring framework is being used as part of the testutils, so we can reduce the scope of the dependency to test.
--
This message was sent by Atlassian Jira
(v8.20.1#820001)