[HIVE-25942] Upgrade commons-io to 2.8.0 due to CVE-2021-29425 - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Bug
Status: Closed
Priority: Major
Resolution: Fixed
Affects Version/s: None
Fix Version/s: 4.0.0-alpha-1
Component/s: None
Labels:
- pull-request-available

Target Version/s:

4.0.0

Description

Due to CVE-2021-29425 all the commons-io versions below 2.7 are affected.

Tez and Hadoop have upgraded commons-io to 2.8.0 in TEZ-4353 and HADOOP-17683 respectively and it will be good if Hive also follows the same.

Attachments

Issue Links

links to

GitHub Pull Request #3008

Activity

People

Assignee:: Syed Shameerur Rahman

Reporter:: Syed Shameerur Rahman

Votes:: 0 Vote for this issue

Watchers:: 2 Start watching this issue

Dates

Created:: 09/Feb/22 11:07

Updated:: 17/Nov/22 08:48

Resolved:: 13/Feb/22 11:32

Time Tracking

Estimated:

Not Specified

Remaining:

0h

Logged:

2h 20m