You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@impala.apache.org by "Joe McDonnell (Jira)" <ji...@apache.org> on 2022/04/13 15:40:00 UTC
[jira] [Resolved] (IMPALA-11229) Upgrade spring version to 5.3.18 to address CVEs
[ https://issues.apache.org/jira/browse/IMPALA-11229?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Joe McDonnell resolved IMPALA-11229.
------------------------------------
Fix Version/s: Impala 4.1.0
Resolution: Fixed
> Upgrade spring version to 5.3.18 to address CVEs
> ------------------------------------------------
>
> Key: IMPALA-11229
> URL: https://issues.apache.org/jira/browse/IMPALA-11229
> Project: IMPALA
> Issue Type: Task
> Components: Frontend
> Affects Versions: Impala 4.1.0
> Reporter: Joe McDonnell
> Assignee: Joe McDonnell
> Priority: Blocker
> Fix For: Impala 4.1.0
>
>
> The current version of Spring that we use is subject to some vulnerabilities that were announced recently (CVE-2022-22965, CVE-2022-22950, CVE-2021-22060). We should upgrade to 5.3.18 to address these CVEs.
--
This message was sent by Atlassian Jira
(v8.20.1#820001)