You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@camel.apache.org by "Alex Dettinger (Jira)" <ji...@apache.org> on 2022/07/05 07:51:00 UTC
[jira] [Commented] (CAMEL-18246) CVE-2022-26612: Upgrade hadoop-common >= 3.3.3
[ https://issues.apache.org/jira/browse/CAMEL-18246?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17562436#comment-17562436 ]
Alex Dettinger commented on CAMEL-18246:
----------------------------------------
Backporting to 3.18.x: https://github.com/apache/camel/pull/7972
> CVE-2022-26612: Upgrade hadoop-common >= 3.3.3
> ----------------------------------------------
>
> Key: CAMEL-18246
> URL: https://issues.apache.org/jira/browse/CAMEL-18246
> Project: Camel
> Issue Type: Dependency upgrade
> Reporter: Alex Dettinger
> Assignee: Alex Dettinger
> Priority: Major
> Fix For: 3.18.1, 3.19.0
>
>
> It relates to [CAMEL-QUARKUS-3763|https://github.com/apache/camel-quarkus/issues/3763] where hbase and hdfs are affected by |CVE-2022-26612|https://nvd.nist.gov/vuln/detail/CVE-2022-26612].
> According to HADOOP-18155, we need to upgrade to org.apache.hadoop:hadoop-common >= 2.10.2, 3.2.3, 3.3.3, 3.4.0.
--
This message was sent by Atlassian Jira
(v8.20.10#820010)