[jira] [Commented] (HIVE-26322) Upgrade gson to 2.9.0 due to CVE

Zhihua Deng (Jira) Fri, 15 Jul 2022 01:06:10 -0700


    [ 
https://issues.apache.org/jira/browse/HIVE-26322?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17567144#comment-17567144
 ]


Zhihua Deng commented on HIVE-26322:
------------------------------------

Hi [~cnauroth], the jira is a duplicate with 
https://issues.apache.org/jira/browse/HIVE-26078, which has upgraded gson to 
version 2.8.9, as there are no other vulnerabilities found since from that 
version, so i mark this as duplicate as i want to avoid the cves of gson.

> Upgrade gson to 2.9.0 due to CVE
> --------------------------------
>
>                 Key: HIVE-26322
>                 URL: https://issues.apache.org/jira/browse/HIVE-26322
>             Project: Hive
>          Issue Type: Improvement
>            Reporter: Zhihua Deng
>            Priority: Major
>              Labels: pull-request-available
>          Time Spent: 20m
>  Remaining Estimate: 0h
>




--
This message was sent by Atlassian Jira
(v8.20.10#820010)

[jira] [Commented] (HIVE-26322) Upgrade gson to 2.9.0 due to CVE

Reply via email to