commit | 2b7480d4ed4d4b0245724c706a3fe52fe13d74be | [log] [tgz] |
---|---|---|
author | Steve Loughran <stevel@cloudera.com> | Mon Dec 19 11:24:24 2022 +0000 |
committer | GitHub <noreply@github.com> | Mon Dec 19 11:24:24 2022 +0000 |
tree | 4a7d967f517ba11e37af795d334d161de19132ed | |
parent | b67c950380b4612a5743bd4627baf1ce93eff766 [diff] |
HADOOP-18561. Update commons-net to 3.9.0 (#5214) Addresses CVE-2021-37533, which *only* relates to FTP. Applications not using the ftp:// filesystem, which, as anyone who has used it will know is very minimal and so rarely used, is not a critical part of the project. Furthermore, the FTP-related issue is at worst information leakage if someone connects to a malicious server. This is a due diligence PR rather than an emergency fix. Contributed by Steve Loughran