You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@pig.apache.org by "Daniel Dai (JIRA)" <ji...@apache.org> on 2016/02/17 19:26:18 UTC
[jira] [Created] (PIG-4811) Upgrade groovy library to address
MethodClosure vulnerability
Daniel Dai created PIG-4811:
-------------------------------
Summary: Upgrade groovy library to address MethodClosure vulnerability
Key: PIG-4811
URL: https://issues.apache.org/jira/browse/PIG-4811
Project: Pig
Issue Type: Bug
Reporter: Daniel Dai
Assignee: Daniel Dai
Fix For: 0.16.0
Attachments: PIG-4811.patch
Please see https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3253
As Groovy versions 1.7.0 through 2.4.3 are affected by the above CVE, groovy library should be upgraded.
I'd like to upgrade to the latest version, which is 2.4.5.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)