You are viewing a plain text version of this content. The canonical link for it is here.

Posted to issues@hive.apache.org by "ASF GitHub Bot (Jira)" <ji...@apache.org> on 2023/02/17 09:31:00 UTC

[jira] [Work logged] (HIVE-27027) Upgrade jettison to 1.5.3 to fix CVE-2022-45693

     [ https://issues.apache.org/jira/browse/HIVE-27027?focusedWorklogId=846109&page=com.atlassian.jira.plugin.system.issuetabpanels:worklog-tabpanel#worklog-846109 ]

ASF GitHub Bot logged work on HIVE-27027:
-----------------------------------------

                Author: ASF GitHub Bot
            Created on: 17/Feb/23 09:30
            Start Date: 17/Feb/23 09:30
    Worklog Time Spent: 10m 
      Work Description: sss9700 commented on PR #4053:
URL: https://github.com/apache/hive/pull/4053#issuecomment-1434373848

   > @sss9700 https://nvd.nist.gov/vuln/detail/CVE-2022-40150 Actually in this, it states that the issue is reproducible in version <=1.4.0. It also says that this is under re-analysis.
   > 
   > Should it be https://nvd.nist.gov/vuln/detail/CVE-2022-45693. ? If so, can you change the commit message accordingly?
   
   Updated the commit message.




Issue Time Tracking
-------------------

    Worklog Id:     (was: 846109)
    Time Spent: 40m  (was: 0.5h)

> Upgrade jettison to 1.5.3 to fix CVE-2022-45693
> -----------------------------------------------
>
>                 Key: HIVE-27027
>                 URL: https://issues.apache.org/jira/browse/HIVE-27027
>             Project: Hive
>          Issue Type: Improvement
>            Reporter: Sand Shreeya
>            Assignee: Sand Shreeya
>            Priority: Major
>              Labels: pull-request-available
>          Time Spent: 40m
>  Remaining Estimate: 0h
>




--
This message was sent by Atlassian Jira
(v8.20.10#820010)