Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

HIVE-27394: Upgrade commons dependency to fix CVE #4377

Merged
merged 1 commit into from Jun 10, 2023
Merged

HIVE-27394: Upgrade commons dependency to fix CVE #4377

merged 1 commit into from Jun 10, 2023

Conversation

Aggarwal-Raghav
Copy link
Contributor

  1. Upgrade commons-cli to 1.5.0 to fix CVE-2020-15250
  2. Upgrade commons-compress to 1.23.0
  3. Upgrade commons-lang3 to 3.12.0
  4. Upgrade commons-io to 2.12.0

What changes were proposed in this pull request?

HIVE-27394

Why are the changes needed?

To fix CVE and use the latest versions

Does this PR introduce any user-facing change?

No

How was this patch tested?

By running build on local machine

@Aggarwal-Raghav
HIVE-27394: Upgrade commons dependency to fix CVE
9e9ed83 
  1. Upgrade commons-cli to 1.5.0 to fix CVE-2020-15250
  2. Upgrade commons-compress to 1.23.0
  3. Upgrade commons-lang3 to 3.12.0
  4. Upgrade commons-io to 2.12.0
@sonarcloud
Copy link

sonarcloud bot commented Jun 1, 2023

Kudos, SonarCloud Quality Gate passed!    Quality Gate passed

Bug A 0 Bugs
Vulnerability A 0 Vulnerabilities
Security Hotspot A 0 Security Hotspots
Code Smell A 0 Code Smells

No Coverage information No Coverage information
No Duplication information No Duplication information

@zratkai
Copy link
Contributor

zratkai commented Jun 2, 2023

LGTM.

@Aggarwal-Raghav
Copy link
Contributor Author

@deniskuzZ, can you review it!!

deniskuzZ
deniskuzZ approved these changes Jun 8, 2023
View reviewed changes
Copy link
Member

@deniskuzZ deniskuzZ left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM +1

@deniskuzZ deniskuzZ merged commit 8f4fbbe into apache:master Jun 10, 2023
7 checks passed
yeahyung pushed a commit to yeahyung/hive that referenced this pull request Jul 20, 2023
@Aggarwal-Raghav @yeahyung
HIVE-27394: Upgrade commons dependency to fix CVE (Raghav Aggarwal, r…
9cf55f3 
…eviewed by Denys Kuzmenko, Zoltan Ratkai)

Closes apache#4377
tarak271 pushed a commit to tarak271/hive-1 that referenced this pull request Dec 19, 2023
@Aggarwal-Raghav @tarak271
HIVE-27394: Upgrade commons dependency to fix CVE (Raghav Aggarwal, r…
52a10bc 
…eviewed by Denys Kuzmenko, Zoltan Ratkai)

Closes apache#4377
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@deniskuzZ deniskuzZ deniskuzZ approved these changes

Assignees
No one assigned
Labels
tests passed
Projects
None yet
Milestone
No milestone
4 participants
@Aggarwal-Raghav @zratkai @deniskuzZ @kgyrtkirk