[HDDS-10459] Bump snappy-java to 1.1.10.5 - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Improvement
Status: Resolved
Priority: Major
Resolution: Done
Affects Version/s: 2.0.0
Fix Version/s: 2.0.0, 1.4.1
Component/s: build
Labels:
- pull-request-available

Target Version/s:

1.4.1

Description

hadoop-common's snappy (1.1.8.2) dependency has the next CVEs:

CVE-2023-34453
CVE-2023-34454
CVE-2023-34455
CVE-2023-43642

A new version (1.1.10..5) has to resolve the vulnerabilities

Attachments

Issue Links

links to

GitHub Pull Request #6324

Activity

People

Assignee:: Vyacheslav Tutrinov

Reporter:: Vyacheslav Tutrinov

Votes:: 0 Vote for this issue

Watchers:: 1 Start watching this issue

Dates

Created:: 04/Mar/24 08:56

Updated:: 25/Mar/24 20:45

Resolved:: 04/Mar/24 12:26