[HBASE-20763] Update guava >=24.1.1 - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Task
Status: Resolved
Priority: Major
Resolution: Implemented
Affects Version/s: None
Fix Version/s: thirdparty-2.2.0
Component/s: thirdparty
Labels:
None

Description

We should update Guava in hbase-thirdparty to stop shipping the code cited as vulnerable in CVE-2018-10237. We do not invoke this code ourselves and users would have to try pretty hard to use it themselves, but we've seen more strange things before

Let's just bump up the dependency and move on.

Attachments

- Sort By Name
- Sort By Date
- Ascending
- Descending

HBASE-20763.001.patch
20/Jun/18 22:22
0.8 kB
Josh Elser

Activity

People

Assignee:: Josh Elser

Reporter:: Josh Elser

Votes:: 0 Vote for this issue

Watchers:: 3 Start watching this issue

Dates

Created:: 20/Jun/18 20:27

Updated:: 30/Mar/19 18:24

Resolved:: 30/Mar/19 18:24