hive icon indicating copy to clipboard operation
hive copied to clipboard

Published 20 hours ago verified publisher icon apache

HIVE-28040 : Upgrade netty to 4.1.100 due to CVE-2023-44487

Open AnmolSun opened this issue 1 year ago • 4 comments

What changes were proposed in this pull request?

This PR upgrades Netty version to 4.1.100.Final.

Why are the changes needed?

The changes are required because Netty versions below 4.1.100 are impacted due to CVE-2023-44487. Hadoop and Tez are also currently at netty version 4.1.100.Final.

Does this PR introduce any user-facing change?

No

Is the change a dependency upgrade?

Yes

How was this patch tested?

The automated tests are successful.

OSS JIRA : HIVE-28040

AnmolSun avatar Jan 29 '24 08:01 AnmolSun

The test failure seem flaky/unrelated and are passing locally.

AnmolSun avatar Jan 30 '24 09:01 AnmolSun

Quality Gate Passed Quality Gate passed

Kudos, no new issues were introduced!

0 New issues
0 Security Hotspots
No data about Coverage
No data about Duplication

See analysis details on SonarCloud

sonarqubecloud[bot] avatar Feb 01 '24 15:02 sonarqubecloud[bot]

Thank you for letting me know @aturoczy. I have filled out the details.

AnmolSun avatar Feb 02 '24 08:02 AnmolSun

+1 (non-binding)

Aggarwal-Raghav avatar Feb 10 '24 08:02 Aggarwal-Raghav

This pull request has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Feel free to reach out on the [email protected] list if the patch is in need of reviews.

github-actions[bot] avatar Apr 11 '24 00:04 github-actions[bot]