Google Git
Sign in
apache / hadoop / 2b7480d4ed4d4b0245724c706a3fe52fe13d74be
commit2b7480d4ed4d4b0245724c706a3fe52fe13d74be[log] [tgz]
authorSteve Loughran <stevel@cloudera.com>Mon Dec 19 11:24:24 2022 +0000
committerGitHub <noreply@github.com>Mon Dec 19 11:24:24 2022 +0000
tree4a7d967f517ba11e37af795d334d161de19132ed
parentb67c950380b4612a5743bd4627baf1ce93eff766 [diff]
HADOOP-18561. Update commons-net to 3.9.0 (#5214)


Addresses CVE-2021-37533, which *only* relates to FTP.

Applications not using the ftp:// filesystem, which, as
anyone who has used it will know is very minimal and
so rarely used, is not a critical part of the project.

Furthermore, the FTP-related issue is at worst information leakage
if someone connects to a malicious server.

This is a due diligence PR rather than an emergency fix.

Contributed by Steve Loughran
2 files changed
tree: 4a7d967f517ba11e37af795d334d161de19132ed
  1. .github/
  2. dev-support/
  3. hadoop-assemblies/
  4. hadoop-build-tools/
  5. hadoop-client-modules/
  6. hadoop-cloud-storage-project/
  7. hadoop-common-project/
  8. hadoop-dist/
  9. hadoop-hdfs-project/
  10. hadoop-mapreduce-project/
  11. hadoop-maven-plugins/
  12. hadoop-minicluster/
  13. hadoop-project/
  14. hadoop-project-dist/
  15. hadoop-tools/
  16. hadoop-yarn-project/
  17. licenses/
  18. licenses-binary/
  19. .gitattributes
  20. .gitignore
  21. BUILDING.txt
  22. LICENSE-binary
  23. LICENSE-binary-yarn-applications-catalog-webapp
  24. LICENSE-binary-yarn-ui
  25. LICENSE.txt
  26. NOTICE-binary
  27. NOTICE.txt
  28. pom.xml
  29. README.txt
  30. start-build-env.sh