You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@pig.apache.org by "Daniel Dai (JIRA)" <ji...@apache.org> on 2016/02/17 19:26:18 UTC

[jira] [Created] (PIG-4811) Upgrade groovy library to address MethodClosure vulnerability

Daniel Dai created PIG-4811:
-------------------------------

             Summary: Upgrade groovy library to address MethodClosure vulnerability
                 Key: PIG-4811
                 URL: https://issues.apache.org/jira/browse/PIG-4811
             Project: Pig
          Issue Type: Bug
            Reporter: Daniel Dai
            Assignee: Daniel Dai
             Fix For: 0.16.0
         Attachments: PIG-4811.patch

Please see https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3253
As Groovy versions 1.7.0 through 2.4.3 are affected by the above CVE, groovy library should be upgraded.

I'd like to upgrade to the latest version, which is 2.4.5.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)