[HADOOP-15970] Upgrade plexus-utils from 2.0.5 to 3.1.0 - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Bug
Status: Resolved
Priority: Major
Resolution: Fixed
Affects Version/s: None
Fix Version/s: 3.0.4, 3.3.0, 3.1.2, 3.2.1
Component/s: security
Labels:
None

Target Version/s:

3.0.4, 3.3.0, 3.1.2, 3.2.1

Description

Apache Hadoop uses plexus-utils 2.0.5 and it is vulnerable.
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-1000487

Let's update the version or remove the usage of this library.

Attachments

Attachments

- Sort By Name
- Sort By Date
- Ascending
- Descending

HADOOP-15970.01.patch
04/Dec/18 07:24
0.8 kB
Akira Ajisaka

Activity

People

Assignee:: Akira Ajisaka

Reporter:: Akira Ajisaka

Votes:: 0 Vote for this issue

Watchers:: 3 Start watching this issue

Dates

Created:: 04/Dec/18 06:56

Updated:: 04/Dec/18 14:17

Resolved:: 04/Dec/18 13:49