[
https://issues.apache.org/jira/browse/IMPALA-13952?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17973530#comment-17973530
]
ASF subversion and git services commented on IMPALA-13952:
----------------------------------------------------------
Commit 256048770092a3eb9b842b1deaf9ed56752468c6 in impala's branch
refs/heads/master from Joe McDonnell
[ https://gitbox.apache.org/repos/asf?p=impala.git;h=256048770 ]
IMPALA-13952: Update curl version to 8.14.1
This bumps the curl version to the latest (8.14.1) to resolve
some minor CVEs. See https://curl.se/docs/security.html
This also incorporates a newer toolchain with the fix for
IMPALA-14129, bumping the patch level on hadoop-client.
Testing:
- Ran precommit
Change-Id: Ia488b381f0cd9f4e6d239d265a897be1ab96915e
Reviewed-on: http://gerrit.cloudera.org:8080/23013
Tested-by: Impala Public Jenkins <[email protected]>
Reviewed-by: Jason Fehr <[email protected]>
Reviewed-by: Riza Suminto <[email protected]>
> Update libcurl to 8.14.1 or higher
> ----------------------------------
>
> Key: IMPALA-13952
> URL: https://issues.apache.org/jira/browse/IMPALA-13952
> Project: IMPALA
> Issue Type: Task
> Components: Infrastructure
> Affects Versions: Impala 5.0.0
> Reporter: Joe McDonnell
> Assignee: Joe McDonnell
> Priority: Major
> Fix For: Impala 5.0.0
>
>
> There are a couple low severity CVEs in curl 8.10.1 that we are currently
> using. They don't seem to affect our use case, but we should update to 8.14.1
> or higher to get past those.
> [https://curl.se/docs/security.html] (161-167)
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
