You are viewing a plain text version of this content. The canonical link for it is here.
Posted to common-issues@hadoop.apache.org by "Steve Loughran (Jira)" <ji...@apache.org> on 2022/09/29 13:16:00 UTC
[jira] [Updated] (HADOOP-18137) Verify FileUtils.unTar() handling of missing .tgz files. Fixes CVE-2022-25168
[ https://issues.apache.org/jira/browse/HADOOP-18137?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Steve Loughran updated HADOOP-18137:
------------------------------------
Summary: Verify FileUtils.unTar() handling of missing .tgz files. Fixes CVE-2022-25168 (was: Verify FileUtils.unTar() handling of missing .tgz files)
> Verify FileUtils.unTar() handling of missing .tgz files. Fixes CVE-2022-25168
> -----------------------------------------------------------------------------
>
> Key: HADOOP-18137
> URL: https://issues.apache.org/jira/browse/HADOOP-18137
> Project: Hadoop Common
> Issue Type: Improvement
> Components: test, util
> Affects Versions: 3.3.1
> Reporter: Steve Loughran
> Assignee: Steve Loughran
> Priority: Minor
>
> add a test to verify FileUtils.unTar() of a non .gz fails meaningfully if file isn't present; fix if not.
> test both the unix and windows paths.
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
---------------------------------------------------------------------
To unsubscribe, e-mail: common-issues-unsubscribe@hadoop.apache.org
For additional commands, e-mail: common-issues-help@hadoop.apache.org