Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

HADOOP-19154. Upgrade bouncycastle to 1.78.1 due to CVEs #6755

Merged
merged 1 commit into from
Jun 5, 2024
Merged

HADOOP-19154. Upgrade bouncycastle to 1.78.1 due to CVEs #6755

merged 1 commit into from
Jun 5, 2024

Conversation

pjfanning
Copy link
Contributor

Description of PR

HADOOP-19154

Release 1.78 deals with the following CVEs:

CVE-2024-29857 - Importing an EC certificate with specially crafted F2m parameters can cause high CPU usage during parameter evaluation.
CVE-2024-30171 - Possible timing based leakage in RSA based handshakes due to exception processing eliminated.
CVE-2024-30172 - Crafted signature and public key can be used to trigger an infinite loop in the Ed25519 verification code.
CVE-2024-301XX - When endpoint identification is enabled and an SSL socket is not created with an explicit hostname (as happens with HttpsURLConnection), hostname verification could be performed against a DNS-resolved IP address. This has been fixed.

How was this patch tested?

For code changes:

  • Does the title or this PR starts with the corresponding JIRA issue id (e.g. 'HADOOP-17799. Your PR title ...')?
  • Object storage: have the integration tests been executed and the endpoint declared according to the connector-specific documentation?
  • If adding new dependencies to the code, are these dependencies licensed in a way that is compatible for inclusion under ASF 2.0?
  • If applicable, have you updated the LICENSE, LICENSE-binary, NOTICE-binary files?

@hadoop-yetus
Copy link

💔 -1 overall

Vote Subsystem Runtime Logfile Comment
+0 🆗 reexec 0m 58s Docker mode activated.
_ Prechecks _
+1 💚 dupname 0m 0s No case conflicting files found.
+0 🆗 codespell 0m 0s codespell was not available.
+0 🆗 detsecrets 0m 0s detect-secrets was not available.
+0 🆗 markdownlint 0m 0s markdownlint was not available.
+0 🆗 xmllint 0m 0s xmllint was not available.
+0 🆗 shelldocs 0m 0s Shelldocs was not available.
+1 💚 @author 0m 0s The patch does not contain any @author tags.
-1 ❌ test4tests 0m 0s The patch doesn't appear to include any new or modified tests. Please justify why no new tests are needed for this patch. Also please list what manual steps were performed to verify this patch.
_ trunk Compile Tests _
+0 🆗 mvndep 15m 7s Maven dependency ordering for branch
+1 💚 mvninstall 32m 29s trunk passed
+1 💚 compile 17m 42s trunk passed with JDK Ubuntu-11.0.22+7-post-Ubuntu-0ubuntu220.04.1
+1 💚 compile 16m 1s trunk passed with JDK Private Build-1.8.0_402-8u402-ga-2ubuntu1~20.04-b06
+1 💚 mvnsite 21m 29s trunk passed
+1 💚 javadoc 8m 41s trunk passed with JDK Ubuntu-11.0.22+7-post-Ubuntu-0ubuntu220.04.1
+1 💚 javadoc 7m 58s trunk passed with JDK Private Build-1.8.0_402-8u402-ga-2ubuntu1~20.04-b06
+1 💚 shadedclient 49m 18s branch has no errors when building and testing our client artifacts.
_ Patch Compile Tests _
+0 🆗 mvndep 0m 40s Maven dependency ordering for patch
+1 💚 mvninstall 30m 8s the patch passed
+1 💚 compile 17m 3s the patch passed with JDK Ubuntu-11.0.22+7-post-Ubuntu-0ubuntu220.04.1
+1 💚 javac 17m 3s the patch passed
+1 💚 compile 16m 3s the patch passed with JDK Private Build-1.8.0_402-8u402-ga-2ubuntu1~20.04-b06
+1 💚 javac 16m 3s the patch passed
+1 💚 blanks 0m 0s The patch has no blanks issues.
+1 💚 mvnsite 16m 24s the patch passed
+1 💚 shellcheck 0m 0s No new issues.
+1 💚 javadoc 8m 35s the patch passed with JDK Ubuntu-11.0.22+7-post-Ubuntu-0ubuntu220.04.1
+1 💚 javadoc 7m 55s the patch passed with JDK Private Build-1.8.0_402-8u402-ga-2ubuntu1~20.04-b06
+1 💚 shadedclient 50m 28s patch has no errors when building and testing our client artifacts.
_ Other Tests _
-1 ❌ unit 839m 27s /patch-unit-root.txt root in the patch passed.
+1 💚 asflicense 1m 41s The patch does not generate ASF License warnings.
1131m 28s
Reason Tests
Failed junit tests hadoop.yarn.server.timelineservice.security.TestTimelineAuthFilterForV2
hadoop.hdfs.server.datanode.TestLargeBlockReport
hadoop.hdfs.TestRollingUpgrade
Subsystem Report/Notes
Docker ClientAPI=1.45 ServerAPI=1.45 base: https://ci-hadoop.apache.org/job/hadoop-multibranch/job/PR-6755/1/artifact/out/Dockerfile
GITHUB PR #6755
Optional Tests dupname asflicense mvnsite codespell detsecrets markdownlint compile javac javadoc mvninstall unit shadedclient xmllint shellcheck shelldocs
uname Linux 94023e7f2720 5.15.0-94-generic #104-Ubuntu SMP Tue Jan 9 15:25:40 UTC 2024 x86_64 x86_64 x86_64 GNU/Linux
Build tool maven
Personality dev-support/bin/hadoop.sh
git revision trunk / c9f6b3d
Default Java Private Build-1.8.0_402-8u402-ga-2ubuntu1~20.04-b06
Multi-JDK versions /usr/lib/jvm/java-11-openjdk-amd64:Ubuntu-11.0.22+7-post-Ubuntu-0ubuntu220.04.1 /usr/lib/jvm/java-8-openjdk-amd64:Private Build-1.8.0_402-8u402-ga-2ubuntu1~20.04-b06
Test Results https://ci-hadoop.apache.org/job/hadoop-multibranch/job/PR-6755/1/testReport/
Max. process+thread count 3586 (vs. ulimit of 5500)
modules C: hadoop-project hadoop-cloud-storage-project/hadoop-cos . U: .
Console output https://ci-hadoop.apache.org/job/hadoop-multibranch/job/PR-6755/1/console
versions git=2.25.1 maven=3.6.3 shellcheck=0.7.0
Powered by Apache Yetus 0.14.0 https://yetus.apache.org

This message was automatically generated.

@brahmareddybattula
Copy link
Contributor

@pjfanning thank for reporting, would check on jenkins and justify.?

@hadoop-yetus
Copy link

💔 -1 overall

Vote Subsystem Runtime Logfile Comment
_ Prechecks _
+1 💚 dupname 0m 00s No case conflicting files found.
+0 🆗 codespell 0m 00s codespell was not available.
+0 🆗 detsecrets 0m 00s detect-secrets was not available.
+0 🆗 shellcheck 0m 01s Shellcheck was not available.
+0 🆗 shelldocs 0m 01s Shelldocs was not available.
+0 🆗 markdownlint 0m 01s markdownlint was not available.
+0 🆗 xmllint 0m 00s xmllint was not available.
+1 💚 @author 0m 00s The patch does not contain any @author tags.
-1 ❌ test4tests 0m 00s The patch doesn't appear to include any new or modified tests. Please justify why no new tests are needed for this patch. Also please list what manual steps were performed to verify this patch.
_ trunk Compile Tests _
+0 🆗 mvndep 4m 01s Maven dependency ordering for branch
+1 💚 mvninstall 88m 53s trunk passed
+1 💚 compile 39m 12s trunk passed
-1 ❌ mvnsite 23m 14s /branch-mvnsite-root.txt root in trunk failed.
+1 💚 javadoc 15m 06s trunk passed
+1 💚 shadedclient 314m 57s branch has no errors when building and testing our client artifacts.
_ Patch Compile Tests _
+0 🆗 mvndep 2m 38s Maven dependency ordering for patch
+1 💚 mvninstall 92m 00s the patch passed
+1 💚 compile 39m 05s the patch passed
+1 💚 javac 39m 05s the patch passed
+1 💚 blanks 0m 00s The patch has no blanks issues.
-1 ❌ mvnsite 22m 26s /patch-mvnsite-root.txt root in the patch failed.
+1 💚 javadoc 15m 39s the patch passed
+1 💚 shadedclient 188m 34s patch has no errors when building and testing our client artifacts.
_ Other Tests _
+1 💚 asflicense 6m 04s The patch does not generate ASF License warnings.
653m 34s
Subsystem Report/Notes
GITHUB PR #6755
Optional Tests dupname asflicense codespell detsecrets shellcheck shelldocs mvnsite markdownlint compile javac javadoc mvninstall unit shadedclient xmllint
uname MINGW64_NT-10.0-17763 178c6f9cc74c 3.4.10-87d57229.x86_64 2024-02-14 20:17 UTC x86_64 Msys
Build tool maven
Personality /c/hadoop/dev-support/bin/hadoop.sh
git revision trunk / c9f6b3d
Default Java Azul Systems, Inc.-1.8.0_332-b09
Test Results https://ci-hadoop.apache.org/job/hadoop-multibranch-windows-10/job/PR-6755/1/testReport/
modules C: hadoop-project hadoop-cloud-storage-project/hadoop-cos . U: .
Console output https://ci-hadoop.apache.org/job/hadoop-multibranch-windows-10/job/PR-6755/1/console
versions git=2.44.0.windows.1
Powered by Apache Yetus 0.14.0 https://yetus.apache.org

This message was automatically generated.

@hadoop-yetus
Copy link

💔 -1 overall

Vote Subsystem Runtime Logfile Comment
+0 🆗 reexec 0m 59s Docker mode activated.
_ Prechecks _
+1 💚 dupname 0m 0s No case conflicting files found.
+0 🆗 codespell 0m 0s codespell was not available.
+0 🆗 detsecrets 0m 0s detect-secrets was not available.
+0 🆗 markdownlint 0m 0s markdownlint was not available.
+0 🆗 xmllint 0m 0s xmllint was not available.
+0 🆗 shelldocs 0m 0s Shelldocs was not available.
+1 💚 @author 0m 0s The patch does not contain any @author tags.
-1 ❌ test4tests 0m 0s The patch doesn't appear to include any new or modified tests. Please justify why no new tests are needed for this patch. Also please list what manual steps were performed to verify this patch.
_ trunk Compile Tests _
+0 🆗 mvndep 14m 50s Maven dependency ordering for branch
+1 💚 mvninstall 32m 29s trunk passed
+1 💚 compile 17m 32s trunk passed with JDK Ubuntu-11.0.22+7-post-Ubuntu-0ubuntu220.04.1
+1 💚 compile 16m 17s trunk passed with JDK Private Build-1.8.0_402-8u402-ga-2ubuntu1~20.04-b06
+1 💚 mvnsite 22m 17s trunk passed
+1 💚 javadoc 8m 42s trunk passed with JDK Ubuntu-11.0.22+7-post-Ubuntu-0ubuntu220.04.1
+1 💚 javadoc 7m 59s trunk passed with JDK Private Build-1.8.0_402-8u402-ga-2ubuntu1~20.04-b06
+1 💚 shadedclient 49m 20s branch has no errors when building and testing our client artifacts.
_ Patch Compile Tests _
+0 🆗 mvndep 0m 41s Maven dependency ordering for patch
+1 💚 mvninstall 30m 0s the patch passed
+1 💚 compile 16m 56s the patch passed with JDK Ubuntu-11.0.22+7-post-Ubuntu-0ubuntu220.04.1
+1 💚 javac 16m 56s the patch passed
+1 💚 compile 16m 13s the patch passed with JDK Private Build-1.8.0_402-8u402-ga-2ubuntu1~20.04-b06
+1 💚 javac 16m 13s the patch passed
+1 💚 blanks 0m 0s The patch has no blanks issues.
+1 💚 mvnsite 16m 23s the patch passed
+1 💚 shellcheck 0m 0s No new issues.
+1 💚 javadoc 8m 34s the patch passed with JDK Ubuntu-11.0.22+7-post-Ubuntu-0ubuntu220.04.1
+1 💚 javadoc 7m 58s the patch passed with JDK Private Build-1.8.0_402-8u402-ga-2ubuntu1~20.04-b06
+1 💚 shadedclient 51m 2s patch has no errors when building and testing our client artifacts.
_ Other Tests _
-1 ❌ unit 853m 6s /patch-unit-root.txt root in the patch passed.
+1 💚 asflicense 1m 27s The patch does not generate ASF License warnings.
1145m 53s
Reason Tests
Failed junit tests hadoop.hdfs.server.datanode.TestLargeBlockReport
hadoop.hdfs.rbfbalance.TestRouterDistCpProcedure
Subsystem Report/Notes
Docker ClientAPI=1.45 ServerAPI=1.45 base: https://ci-hadoop.apache.org/job/hadoop-multibranch/job/PR-6755/2/artifact/out/Dockerfile
GITHUB PR #6755
Optional Tests dupname asflicense mvnsite codespell detsecrets markdownlint compile javac javadoc mvninstall unit shadedclient xmllint shellcheck shelldocs
uname Linux 3706a0b0bcc2 5.15.0-94-generic #104-Ubuntu SMP Tue Jan 9 15:25:40 UTC 2024 x86_64 x86_64 x86_64 GNU/Linux
Build tool maven
Personality dev-support/bin/hadoop.sh
git revision trunk / 2254842
Default Java Private Build-1.8.0_402-8u402-ga-2ubuntu1~20.04-b06
Multi-JDK versions /usr/lib/jvm/java-11-openjdk-amd64:Ubuntu-11.0.22+7-post-Ubuntu-0ubuntu220.04.1 /usr/lib/jvm/java-8-openjdk-amd64:Private Build-1.8.0_402-8u402-ga-2ubuntu1~20.04-b06
Test Results https://ci-hadoop.apache.org/job/hadoop-multibranch/job/PR-6755/2/testReport/
Max. process+thread count 3642 (vs. ulimit of 5500)
modules C: hadoop-project hadoop-cloud-storage-project/hadoop-cos . U: .
Console output https://ci-hadoop.apache.org/job/hadoop-multibranch/job/PR-6755/2/console
versions git=2.25.1 maven=3.6.3 shellcheck=0.7.0
Powered by Apache Yetus 0.14.0 https://yetus.apache.org

This message was automatically generated.

@hadoop-yetus
Copy link

💔 -1 overall

Vote Subsystem Runtime Logfile Comment
+0 🆗 reexec 0m 56s Docker mode activated.
_ Prechecks _
+1 💚 dupname 0m 0s No case conflicting files found.
+0 🆗 codespell 0m 0s codespell was not available.
+0 🆗 detsecrets 0m 0s detect-secrets was not available.
+0 🆗 markdownlint 0m 0s markdownlint was not available.
+0 🆗 xmllint 0m 0s xmllint was not available.
+0 🆗 shelldocs 0m 0s Shelldocs was not available.
+1 💚 @author 0m 0s The patch does not contain any @author tags.
-1 ❌ test4tests 0m 0s The patch doesn't appear to include any new or modified tests. Please justify why no new tests are needed for this patch. Also please list what manual steps were performed to verify this patch.
_ trunk Compile Tests _
+0 🆗 mvndep 15m 13s Maven dependency ordering for branch
+1 💚 mvninstall 32m 8s trunk passed
+1 💚 compile 17m 17s trunk passed with JDK Ubuntu-11.0.22+7-post-Ubuntu-0ubuntu220.04.1
+1 💚 compile 16m 14s trunk passed with JDK Private Build-1.8.0_402-8u402-ga-2ubuntu1~20.04-b06
+1 💚 mvnsite 22m 59s trunk passed
+1 💚 javadoc 8m 45s trunk passed with JDK Ubuntu-11.0.22+7-post-Ubuntu-0ubuntu220.04.1
+1 💚 javadoc 7m 55s trunk passed with JDK Private Build-1.8.0_402-8u402-ga-2ubuntu1~20.04-b06
+1 💚 shadedclient 49m 30s branch has no errors when building and testing our client artifacts.
_ Patch Compile Tests _
+0 🆗 mvndep 0m 39s Maven dependency ordering for patch
+1 💚 mvninstall 30m 2s the patch passed
+1 💚 compile 17m 3s the patch passed with JDK Ubuntu-11.0.22+7-post-Ubuntu-0ubuntu220.04.1
+1 💚 javac 17m 3s the patch passed
+1 💚 compile 16m 15s the patch passed with JDK Private Build-1.8.0_402-8u402-ga-2ubuntu1~20.04-b06
+1 💚 javac 16m 15s the patch passed
+1 💚 blanks 0m 0s The patch has no blanks issues.
+1 💚 mvnsite 17m 0s the patch passed
+1 💚 shellcheck 0m 0s No new issues.
+1 💚 javadoc 8m 48s the patch passed with JDK Ubuntu-11.0.22+7-post-Ubuntu-0ubuntu220.04.1
+1 💚 javadoc 7m 50s the patch passed with JDK Private Build-1.8.0_402-8u402-ga-2ubuntu1~20.04-b06
+1 💚 shadedclient 50m 45s patch has no errors when building and testing our client artifacts.
_ Other Tests _
-1 ❌ unit 850m 26s /patch-unit-root.txt root in the patch passed.
+1 💚 asflicense 1m 41s The patch does not generate ASF License warnings.
1144m 34s
Reason Tests
Failed junit tests hadoop.yarn.server.timelineservice.security.TestTimelineAuthFilterForV2
hadoop.hdfs.tools.TestDFSAdmin
hadoop.hdfs.server.datanode.TestLargeBlockReport
hadoop.hdfs.TestRollingUpgrade
Subsystem Report/Notes
Docker ClientAPI=1.45 ServerAPI=1.45 base: https://ci-hadoop.apache.org/job/hadoop-multibranch/job/PR-6755/3/artifact/out/Dockerfile
GITHUB PR #6755
Optional Tests dupname asflicense mvnsite codespell detsecrets markdownlint compile javac javadoc mvninstall unit shadedclient xmllint shellcheck shelldocs
uname Linux c6188e3065c1 5.15.0-94-generic #104-Ubuntu SMP Tue Jan 9 15:25:40 UTC 2024 x86_64 x86_64 x86_64 GNU/Linux
Build tool maven
Personality dev-support/bin/hadoop.sh
git revision trunk / 1dc7c54
Default Java Private Build-1.8.0_402-8u402-ga-2ubuntu1~20.04-b06
Multi-JDK versions /usr/lib/jvm/java-11-openjdk-amd64:Ubuntu-11.0.22+7-post-Ubuntu-0ubuntu220.04.1 /usr/lib/jvm/java-8-openjdk-amd64:Private Build-1.8.0_402-8u402-ga-2ubuntu1~20.04-b06
Test Results https://ci-hadoop.apache.org/job/hadoop-multibranch/job/PR-6755/3/testReport/
Max. process+thread count 3670 (vs. ulimit of 5500)
modules C: hadoop-project hadoop-cloud-storage-project/hadoop-cos . U: .
Console output https://ci-hadoop.apache.org/job/hadoop-multibranch/job/PR-6755/3/console
versions git=2.25.1 maven=3.6.3 shellcheck=0.7.0
Powered by Apache Yetus 0.14.0 https://yetus.apache.org

This message was automatically generated.

@hadoop-yetus
Copy link

💔 -1 overall

Vote Subsystem Runtime Logfile Comment
_ Prechecks _
+1 💚 dupname 0m 00s No case conflicting files found.
+0 🆗 codespell 0m 00s codespell was not available.
+0 🆗 detsecrets 0m 00s detect-secrets was not available.
+0 🆗 shellcheck 0m 01s Shellcheck was not available.
+0 🆗 shelldocs 0m 01s Shelldocs was not available.
+0 🆗 markdownlint 0m 01s markdownlint was not available.
+0 🆗 xmllint 0m 00s xmllint was not available.
+1 💚 @author 0m 00s The patch does not contain any @author tags.
-1 ❌ test4tests 0m 00s The patch doesn't appear to include any new or modified tests. Please justify why no new tests are needed for this patch. Also please list what manual steps were performed to verify this patch.
_ trunk Compile Tests _
+0 🆗 mvndep 2m 15s Maven dependency ordering for branch
+1 💚 mvninstall 86m 32s trunk passed
+1 💚 compile 38m 10s trunk passed
-1 ❌ mvnsite 23m 47s /branch-mvnsite-root.txt root in trunk failed.
+1 💚 javadoc 15m 23s trunk passed
+1 💚 shadedclient 308m 24s branch has no errors when building and testing our client artifacts.
_ Patch Compile Tests _
+0 🆗 mvndep 2m 36s Maven dependency ordering for patch
+1 💚 mvninstall 90m 25s the patch passed
+1 💚 compile 38m 06s the patch passed
+1 💚 javac 38m 06s the patch passed
+1 💚 blanks 0m 00s The patch has no blanks issues.
-1 ❌ mvnsite 22m 41s /patch-mvnsite-root.txt root in the patch failed.
+1 💚 javadoc 15m 40s the patch passed
+1 💚 shadedclient 187m 54s patch has no errors when building and testing our client artifacts.
_ Other Tests _
+1 💚 asflicense 6m 51s The patch does not generate ASF License warnings.
645m 27s
Subsystem Report/Notes
GITHUB PR #6755
Optional Tests dupname asflicense codespell detsecrets shellcheck shelldocs mvnsite markdownlint compile javac javadoc mvninstall unit shadedclient xmllint
uname MINGW64_NT-10.0-17763 f7ab40fab5f3 3.4.10-87d57229.x86_64 2024-02-14 20:17 UTC x86_64 Msys
Build tool maven
Personality /c/hadoop/dev-support/bin/hadoop.sh
git revision trunk / 1dc7c54
Default Java Azul Systems, Inc.-1.8.0_332-b09
Test Results https://ci-hadoop.apache.org/job/hadoop-multibranch-windows-10/job/PR-6755/4/testReport/
modules C: hadoop-project hadoop-cloud-storage-project/hadoop-cos . U: .
Console output https://ci-hadoop.apache.org/job/hadoop-multibranch-windows-10/job/PR-6755/4/console
versions git=2.44.0.windows.1
Powered by Apache Yetus 0.14.0 https://yetus.apache.org

This message was automatically generated.

@hadoop-yetus
Copy link

💔 -1 overall

Vote Subsystem Runtime Logfile Comment
_ Prechecks _
+1 💚 dupname 0m 00s No case conflicting files found.
+0 🆗 codespell 0m 00s codespell was not available.
+0 🆗 detsecrets 0m 00s detect-secrets was not available.
+0 🆗 shellcheck 0m 00s Shellcheck was not available.
+0 🆗 shelldocs 0m 00s Shelldocs was not available.
+0 🆗 markdownlint 0m 01s markdownlint was not available.
+0 🆗 xmllint 0m 00s xmllint was not available.
+1 💚 @author 0m 00s The patch does not contain any @author tags.
-1 ❌ test4tests 0m 00s The patch doesn't appear to include any new or modified tests. Please justify why no new tests are needed for this patch. Also please list what manual steps were performed to verify this patch.
_ trunk Compile Tests _
+0 🆗 mvndep 2m 40s Maven dependency ordering for branch
+1 💚 mvninstall 87m 25s trunk passed
+1 💚 compile 38m 08s trunk passed
-1 ❌ mvnsite 21m 59s /branch-mvnsite-root.txt root in trunk failed.
+1 💚 javadoc 14m 52s trunk passed
+1 💚 shadedclient 308m 31s branch has no errors when building and testing our client artifacts.
_ Patch Compile Tests _
+0 🆗 mvndep 2m 22s Maven dependency ordering for patch
+1 💚 mvninstall 90m 20s the patch passed
+1 💚 compile 38m 04s the patch passed
+1 💚 javac 38m 04s the patch passed
+1 💚 blanks 0m 00s The patch has no blanks issues.
-1 ❌ mvnsite 22m 17s /patch-mvnsite-root.txt root in the patch failed.
+1 💚 javadoc 15m 27s the patch passed
+1 💚 shadedclient 183m 04s patch has no errors when building and testing our client artifacts.
_ Other Tests _
+1 💚 asflicense 6m 26s The patch does not generate ASF License warnings.
639m 59s
Subsystem Report/Notes
GITHUB PR #6755
Optional Tests dupname asflicense codespell detsecrets shellcheck shelldocs mvnsite markdownlint compile javac javadoc mvninstall unit shadedclient xmllint
uname MINGW64_NT-10.0-17763 1a4babd1d2a8 3.4.10-87d57229.x86_64 2024-02-14 20:17 UTC x86_64 Msys
Build tool maven
Personality /c/hadoop/dev-support/bin/hadoop.sh
git revision trunk / c751d7d
Default Java Azul Systems, Inc.-1.8.0_332-b09
Test Results https://ci-hadoop.apache.org/job/hadoop-multibranch-windows-10/job/PR-6755/5/testReport/
modules C: hadoop-project hadoop-cloud-storage-project/hadoop-cos . U: .
Console output https://ci-hadoop.apache.org/job/hadoop-multibranch-windows-10/job/PR-6755/5/console
versions git=2.44.0.windows.1
Powered by Apache Yetus 0.14.0 https://yetus.apache.org

This message was automatically generated.

@hadoop-yetus
Copy link

💔 -1 overall

Vote Subsystem Runtime Logfile Comment
_ Prechecks _
+1 💚 dupname 0m 00s No case conflicting files found.
+0 🆗 codespell 0m 00s codespell was not available.
+0 🆗 detsecrets 0m 00s detect-secrets was not available.
+0 🆗 shellcheck 0m 00s Shellcheck was not available.
+0 🆗 shelldocs 0m 00s Shelldocs was not available.
+0 🆗 markdownlint 0m 00s markdownlint was not available.
+0 🆗 xmllint 0m 01s xmllint was not available.
+1 💚 @author 0m 00s The patch does not contain any @author tags.
-1 ❌ test4tests 0m 00s The patch doesn't appear to include any new or modified tests. Please justify why no new tests are needed for this patch. Also please list what manual steps were performed to verify this patch.
_ trunk Compile Tests _
+0 🆗 mvndep 2m 28s Maven dependency ordering for branch
+1 💚 mvninstall 89m 21s trunk passed
+1 💚 compile 40m 04s trunk passed
-1 ❌ mvnsite 23m 45s /branch-mvnsite-root.txt root in trunk failed.
+1 💚 javadoc 16m 32s trunk passed
+1 💚 shadedclient 321m 37s branch has no errors when building and testing our client artifacts.
_ Patch Compile Tests _
+0 🆗 mvndep 2m 49s Maven dependency ordering for patch
+1 💚 mvninstall 94m 13s the patch passed
+1 💚 compile 40m 25s the patch passed
+1 💚 javac 40m 25s the patch passed
+1 💚 blanks 0m 01s The patch has no blanks issues.
-1 ❌ mvnsite 23m 27s /patch-mvnsite-root.txt root in the patch failed.
+1 💚 javadoc 16m 53s the patch passed
+1 💚 shadedclient 196m 54s patch has no errors when building and testing our client artifacts.
_ Other Tests _
+1 💚 asflicense 6m 38s The patch does not generate ASF License warnings.
673m 23s
Subsystem Report/Notes
GITHUB PR #6755
Optional Tests dupname asflicense codespell detsecrets shellcheck shelldocs mvnsite markdownlint compile javac javadoc mvninstall unit shadedclient xmllint
uname MINGW64_NT-10.0-17763 04fb407b0a67 3.4.10-87d57229.x86_64 2024-02-14 20:17 UTC x86_64 Msys
Build tool maven
Personality /c/hadoop/dev-support/bin/hadoop.sh
git revision trunk / 95a722c
Default Java Azul Systems, Inc.-1.8.0_332-b09
Test Results https://ci-hadoop.apache.org/job/hadoop-multibranch-windows-10/job/PR-6755/6/testReport/
modules C: hadoop-project hadoop-cloud-storage-project/hadoop-cos . U: .
Console output https://ci-hadoop.apache.org/job/hadoop-multibranch-windows-10/job/PR-6755/6/console
versions git=2.44.0.windows.1
Powered by Apache Yetus 0.14.0 https://yetus.apache.org

This message was automatically generated.

@steveloughran
Copy link
Contributor

steveloughran commented May 13, 2024
edited
Loading

This seems to have gone in as #6811.

I'm going to propose rolling back #6811 and merging this one instead as it has a jira ID, goes to a later version and updates the LICENSE file

steveloughran
steveloughran approved these changes May 13, 2024
View reviewed changes
Copy link
Contributor

@steveloughran steveloughran left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

+1

pulling this in, for 3.4 we should do the earlier PR which doesn't expect #6811 to be in first.

@pjfanning
Copy link
Contributor Author

@steveloughran the CI builds keep failing because python3 is not installed on the build machine.

@vinayakumarb
Copy link
Contributor

This seems to have gone in as #6811.

I'm going to propose rolling back #6811 and merging this one instead as it has a jira ID, goes to a later version and updates the LICENSE file

Apologies for pushing it early. Thanks @pjfanning for addressing LICENCE-binary issue.

@ayushtkn
Copy link
Member

ayushtkn commented May 14, 2024
edited
Loading

@pjfanning the above result is from windows build which doesn't run tests & some issues with mvn site, the actual build result for your PR is here:
https://ci-hadoop.apache.org/blue/organizations/jenkins/hadoop-multibranch/detail/PR-6755/5/pipeline

It crashed or timed out before giving you the result

For future:
image
there are two links one is the windows one & other one is the normal one, you can check the normal one

@steveloughran steveloughran merged commit 2ee0bf9 into apache:trunk Jun 5, 2024
1 of 2 checks passed
@steveloughran
Copy link
Contributor

presumably we will need this in the older branches...

@pjfanning pjfanning deleted the HADOOP-19154-bc branch June 6, 2024 12:35
pjfanning added a commit to pjfanning/hadoop that referenced this pull request Jun 6, 2024
@pjfanning
HADOOP-19154. Upgrade bouncycastle to 1.78.1 due to CVEs (apache#6755)
72e1edb 
Addresses

* CVE-2024-29857 - Importing an EC certificate with specially crafted F2m parameters can cause high CPU usage during parameter evaluation.
* CVE-2024-30171 - Possible timing based leakage in RSA based handshakes due to exception processing eliminated.
* CVE-2024-30172 - Crafted signature and public key can be used to trigger an infinite loop in the Ed25519 verification code.
* CVE-2024-301XX - When endpoint identification is enabled and an SSL socket is not created with an explicit hostname (as happens with HttpsURLConnection), hostname verification could be performed against a DNS-resolved IP address.

Contributed by PJ Fanning
steveloughran pushed a commit that referenced this pull request Jun 7, 2024
@pjfanning
HADOOP-19154. Upgrade bouncycastle to 1.78.1 due to CVEs (#6755) (#6866)
59b2980 
Addresses

* CVE-2024-29857 - Importing an EC certificate with specially crafted F2m parameters can cause high CPU usage during parameter evaluation.
* CVE-2024-30171 - Possible timing based leakage in RSA based handshakes due to exception processing eliminated.
* CVE-2024-30172 - Crafted signature and public key can be used to trigger an infinite loop in the Ed25519 verification code.
* CVE-2024-301XX - When endpoint identification is enabled and an SSL socket is not created with an explicit hostname (as happens with HttpsURLConnection), hostname verification could be performed against a DNS-resolved IP address.

Contributed by PJ Fanning
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@steveloughran steveloughran steveloughran approved these changes

@vinayakumarb vinayakumarb vinayakumarb approved these changes

@slfan1989 slfan1989 slfan1989 approved these changes

Assignees
No one assigned
Labels
build trunk
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
7 participants
@pjfanning @hadoop-yetus @brahmareddybattula @steveloughran @vinayakumarb @ayushtkn @slfan1989