[jira] [Commented] (HIVE-27196) Upgrade jettision version to 1.5.4 due to CVEs

Mahesh Raju Somalaraju (Jira) Mon, 24 Apr 2023 22:28:05 -0700


    [ 
https://issues.apache.org/jira/browse/HIVE-27196?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17716084#comment-17716084
 ]


Mahesh Raju Somalaraju commented on HIVE-27196:
-----------------------------------------------

this is fixed in part of HIVE-27286.

Hence closing this jira.

> Upgrade jettision version to 1.5.4 due to CVEs
> ----------------------------------------------
>
>                 Key: HIVE-27196
>                 URL: https://issues.apache.org/jira/browse/HIVE-27196
>             Project: Hive
>          Issue Type: Improvement
>            Reporter: Mahesh Raju Somalaraju
>            Assignee: Mahesh Raju Somalaraju
>            Priority: Major
>
> [CVE-2023-1436|https://www.cve.org/CVERecord?id=CVE-2023-1436]
> [CWE-400|https://cwe.mitre.org/data/definitions/400.html]
> Need to update jettison version to 1.5.4 version due to above CVE issues.
> version 1.5.4 has no CVE issues.



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

[jira] [Commented] (HIVE-27196) Upgrade jettision version to 1.5.4 due to CVEs

Reply via email to