You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@hive.apache.org by "ASF GitHub Bot (Jira)" <ji...@apache.org> on 2023/02/17 09:31:00 UTC
[jira] [Work logged] (HIVE-27027) Upgrade jettison to 1.5.3 to fix CVE-2022-45693
[ https://issues.apache.org/jira/browse/HIVE-27027?focusedWorklogId=846109&page=com.atlassian.jira.plugin.system.issuetabpanels:worklog-tabpanel#worklog-846109 ]
ASF GitHub Bot logged work on HIVE-27027:
-----------------------------------------
Author: ASF GitHub Bot
Created on: 17/Feb/23 09:30
Start Date: 17/Feb/23 09:30
Worklog Time Spent: 10m
Work Description: sss9700 commented on PR #4053:
URL: https://github.com/apache/hive/pull/4053#issuecomment-1434373848
> @sss9700 https://nvd.nist.gov/vuln/detail/CVE-2022-40150 Actually in this, it states that the issue is reproducible in version <=1.4.0. It also says that this is under re-analysis.
>
> Should it be https://nvd.nist.gov/vuln/detail/CVE-2022-45693. ? If so, can you change the commit message accordingly?
Updated the commit message.
Issue Time Tracking
-------------------
Worklog Id: (was: 846109)
Time Spent: 40m (was: 0.5h)
> Upgrade jettison to 1.5.3 to fix CVE-2022-45693
> -----------------------------------------------
>
> Key: HIVE-27027
> URL: https://issues.apache.org/jira/browse/HIVE-27027
> Project: Hive
> Issue Type: Improvement
> Reporter: Sand Shreeya
> Assignee: Sand Shreeya
> Priority: Major
> Labels: pull-request-available
> Time Spent: 40m
> Remaining Estimate: 0h
>
--
This message was sent by Atlassian Jira
(v8.20.10#820010)