[HADOOP-18832] Upgrade aws-java-sdk to 1.12.499+ - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Sub-task
Status: Resolved
Priority: Major
Resolution: Fixed
Affects Version/s: 3.4.0
Fix Version/s: 3.4.0, 3.3.9
Component/s: fs/s3
Labels:
- pull-request-available

Target Version/s:

3.4.0, 3.3.7
Hadoop Flags:

Reviewed

Description

aws sdk versions < 1.12.499 uses a vulnerable version of netty and hence showing up in security CVE scans (CVE-2023-34462). The safe version for netty is 4.1.94.Final and this is used by aws-java-sdk:1.12.499+

Attachments

Issue Links

links to

GitHub Pull Request #5908

Activity

People

Assignee:: Viraj Jasani

Reporter:: Viraj Jasani

Votes:: 0 Vote for this issue

Watchers:: 3 Start watching this issue

Dates

Created:: 30/Jul/23 07:10

Updated:: 27/Jan/24 08:16

Resolved:: 16/Aug/23 13:53