Fixed CVEs
Common Vulnerabilities and Exposures (CVE) that are addressed in this release are mentioned in the following table:
| Bug ID | Apache JIRA | Description |
|---|---|---|
| ODP-327 | N/A | Log4j1.x fix for Hadoop |
| ODP-328 | N/A | Log4j1.x fix for Tez |
| ODP-528 | N/A | Log4j to reload4j fix for Spark3 |
| ODP-562 | AMBARI-25722 | Migrating log4j-1.2.17 to reload4j-1.2.25 |
| ODP-566 | HADOOP-18497 | CVE-2022-42889 upgrade common-text from 1.4 to 1.10.0 |
| ODP-565 | Hive-27287 | CVE-2022-42889 common-text from 1.8.0 to 1.10.0 |
| ODP-626 | SPARK-38992 | CVE-2022-33891 affecting Spark 2.4.x |
Was this page helpful?