Thanks Brahma, this clarifies.
On 12/16/21, 12:23 AM, "Battula, Brahma Reddy" <bbatt...@visa.com.INVALID>
wrote:
Yes, Looks PR Got raised for same which I missed earlier mail. Hopefully it
will get merge soon.
And to answer your following question.
But not sure the change on below file:
ql/src/java/org/apache/hadoop/hive/ql/log/SlidingFilenameRolloverStrategy.java
SlidingFilenameRolloverStrategy implements (inherit)
DirectFileRolloverStrategy… As part of the following fix,
clearCurrentFileName(.) is introduced in DirectFileRolloverStrategy, which is
merged in 2.11.2 and 3.0.0 .. And we are migration from 2.8.2 hence this method
is added.
https://nam10.safelinks.protection.outlook.com/?url=https%3A%2F%2Fissues.apache.org%2Fjira%2Fbrowse%2FLOG4J2-1906&data=04%7C01%7Crsundara%40visa.com%7C9ae92e2c3cb6444e927008d9c06d2025%7C38305e12e15d4ee888b9c4db1c477d76%7C0%7C0%7C637752398061899342%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000&sdata=bz4I1I8MRmNO5Cvvb%2BxdlT%2Fr2GEnB4eGYSeC4QT5jMg%3D&reserved=0
https://nam10.safelinks.protection.outlook.com/?url=https%3A%2F%2Fgithub.com%2Fapache%2Flogging-log4j2%2Fblob%2F42aa6aeb54a2d179b0271c09b450ca3d18c3a7a8%2Flog4j-core%2Fsrc%2Fmain%2Fjava%2Forg%2Fapache%2Flogging%2Flog4j%2Fcore%2Fappender%2Frolling%2FDirectFileRolloverStrategy.java%23L26&data=04%7C01%7Crsundara%40visa.com%7C9ae92e2c3cb6444e927008d9c06d2025%7C38305e12e15d4ee888b9c4db1c477d76%7C0%7C0%7C637752398061899342%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000&sdata=P7ggyH%2BM8zp5Z5VZhBIyXBkcXqmQN7jeXLeInnIgSdg%3D&reserved=0
Hope this clarifies you.. And even you can ask in the PR’s, if you’ve any
other doubts!!..
--Brahma Reddy Battula
From: Sundaram, Ramakrishnan <rsund...@visa.com.INVALID>
Date: Thursday, 16 December 2021 at 11:48 AM
To: dev@hive.apache.org <dev@hive.apache.org>
Cc: secur...@hive.apache.org <secur...@hive.apache.org>
Subject: Re: Regarding log4j2 upgrade: HIVE-25804, HIVE-25795 related to
CVE-2021-44228
Makes sense.
Also I see commit on branch-3:
https://nam10.safelinks.protection.outlook.com/?url=https%3A%2F%2Fgithub.com%2Fapache%2Fhive%2Fpull%2F2869%2Ffiles&data=04%7C01%7Crsundara%40visa.com%7C9ae92e2c3cb6444e927008d9c06d2025%7C38305e12e15d4ee888b9c4db1c477d76%7C0%7C0%7C637752398061899342%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000&sdata=gjV1CyRE9k6z9ZZfPHMxnl5spCxQjexrU3BKxelwZmg%3D&reserved=0
Details:
------------------------------------
[hive] branch branch-3 updated: HIVE-25795: Update log4j2 version to 2.16.0
for branch-3 (Naveen Gangam)
ngangam pushed a commit to branch branch-3
in repository
https://nam10.safelinks.protection.outlook.com/?url=https%3A%2F%2Fgitbox.apache.org%2Frepos%2Fasf%2Fhive.git&data=04%7C01%7Crsundara%40visa.com%7C9ae92e2c3cb6444e927008d9c06d2025%7C38305e12e15d4ee888b9c4db1c477d76%7C0%7C0%7C637752398061899342%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000&sdata=nq15gSb5YJlsOl9PHOUw%2FjMGqThD9hE0FBtKfkX%2BssQ%3D&reserved=0
The following commit(s) were added to refs/heads/branch-3 by this push:
new 63a056a HIVE-25795: Update log4j2 version to 2.16.0 for branch-3
(Naveen Gangam)
63a056a is described below
commit 63a056ae87de739ba2ea66fd4001f529357a4aa1
Author: Naveen Gangam <ngan...@cloudera.com>
AuthorDate: Wed Dec 15 15:57:45 2021 -0500
HIVE-25795: Update log4j2 version to 2.16.0 for branch-3 (Naveen Gangam)
------------------------------------------
But not sure the change on below file:
ql/src/java/org/apache/hadoop/hive/ql/log/SlidingFilenameRolloverStrategy.java
Regards,
Ram
================================================
On 12/15/21, 8:29 PM, "Battula, Brahma Reddy" <bbatt...@visa.com.INVALID>
wrote:
it’s committed only for master where we dn’t have this.
Only for branch-2 and branch-3, we need to handle this file. Please
see, following discussion for same..
https://nam10.safelinks.protection.outlook.com/?url=https%3A%2F%2Fgithub.com%2Fapache%2Fhive%2Fpull%2F2863&data=04%7C01%7Crsundara%40visa.com%7C9ae92e2c3cb6444e927008d9c06d2025%7C38305e12e15d4ee888b9c4db1c477d76%7C0%7C0%7C637752398061899342%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000&sdata=WEKL6TB8v1tIF4snIKu1ABwU4q%2B7gjevcZ%2F6tbII4Cc%3D&reserved=0
If you are interested, you raise PR for branch-2 and branc-3.
From: Sundaram, Ramakrishnan <rsund...@visa.com.INVALID>
Date: Thursday, 16 December 2021 at 3:05 AM
To: dev@hive.apache.org <dev@hive.apache.org>
Cc: secur...@hive.apache.org <secur...@hive.apache.org>
Subject: Re: Regarding log4j2 upgrade: HIVE-25804, HIVE-25795 related
to CVE-2021-44228
+ security
From: "Sundaram, Ramakrishnan" <rsund...@visa.com>
Date: Wednesday, December 15, 2021 at 1:32 PM
To: "dev@hive.apache.org" <dev@hive.apache.org>
Subject: Regarding log4j2 upgrade: HIVE-25804, HIVE-25795 related to
CVE-2021-44228
Hi,
I see in HIVE-25804 and HIVE-25795, testutils/ptest2/pom.xml is not
upgraded to latest versions.
Is this a miss? Or the change is not needed?
Regards,
Ram
