You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@pig.apache.org by "Rohini Palaniswamy (JIRA)" <ji...@apache.org> on 2016/02/20 00:44:18 UTC
[jira] [Commented] (PIG-4811) Upgrade groovy library to address
MethodClosure vulnerability
[ https://issues.apache.org/jira/browse/PIG-4811?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15155148#comment-15155148 ]
Rohini Palaniswamy commented on PIG-4811:
-----------------------------------------
+1
> Upgrade groovy library to address MethodClosure vulnerability
> -------------------------------------------------------------
>
> Key: PIG-4811
> URL: https://issues.apache.org/jira/browse/PIG-4811
> Project: Pig
> Issue Type: Bug
> Reporter: Daniel Dai
> Assignee: Daniel Dai
> Fix For: 0.16.0
>
> Attachments: PIG-4811.patch
>
>
> Please see https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3253
> As Groovy versions 1.7.0 through 2.4.3 are affected by the above CVE, groovy library should be upgraded.
> I'd like to upgrade to the latest version, which is 2.4.5.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)