Apache
/
hadoop
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
26,370 Commits 326 Branches 371 Tags 1.5 GiB
Commit Graph

791 Commits

Author SHA1 Message Date
Steve Loughran 52c72fafe4
HADOOP-18470. Update index md with section on ABFS prefetching 2022-12-19 13:04:26 +00:00
Steve Loughran 5f08e51b72
HADOOP-18561. Update commons-net to 3.9.0 (#5214) 
Addresses CVE-2021-37533, which *only* relates to FTP.

Applications not using the ftp:// filesystem, which, as
anyone who has used it will know is very minimal and
so rarely used, is not a critical part of the project.

Furthermore, the FTP-related issue is at worst information leakage
if someone connects to a malicious server.

This is a due diligence PR rather than an emergency fix.

Contributed by Steve Loughran
 2022-12-15 16:45:05 +00:00
Murali Krishna 2e88096266
HADOOP-18538. Upgrade kafka to 2.8.2 (#5164) 
Signed-off-by: Brahma Reddy Battula <brahma@apache.org>
 2022-12-06 22:27:46 +05:30
Steve Loughran 84b33b897c
HADOOP-18470. index.md update for 3.3.5 release 2022-12-05 16:13:24 +00:00
PJ Fanning e09e81abe4
HADOOP-18496: remove unused okhttp.version (#5140). Contributed by PJ Fanning. 
Signed-off-by: Ayush Saxena <ayushsaxena@apache.org>
 2022-11-27 18:59:40 +05:30
PJ Fanning d340c4a7a1
HADOOP-18496. Upgrade okhttp3 and dependencies due to kotlin CVEs (#5035) 
Updates okhttp3 and okio so their transitive dependency on Kotlin
stdlib is free from recent CVEs.

okhttp3:okhttp => 4.10.0
okio:okio => 3.2.0
kotlin stdlib => 1.6.20

kotlin CVEs fixed:
 CVE-2022-24329
 CVE-2020-29582
 
Contributed by PJ Fanning.
 2022-11-12 14:14:19 +00:00
Steve Vaughan 2ba982a061
MAPREDUCE-7386. Maven parallel builds (skipping tests) fail (#4415) 
Contributed by Steve Vaughan Jr
 2022-11-04 11:50:43 +00:00
Ashutosh Gupta e62ba16a02
HADOOP-18484. Upgrade hsqldb to v2.7.1 to mitigate CVE-2022-41853 (#4991) 2022-11-02 08:41:27 +01:00
PJ Fanning 7ba304d1c6
HADOOP-18512: upgrade woodstox-core to 5.4.0 for security fix (#5087). Contributed by PJ Fanning. 
Signed-off-by: Ayush Saxena <ayushsaxena@apache.org>
 2022-11-02 00:11:41 +05:30
PJ Fanning d6a65a4180
HADOOP-18472. Upgrade to snakeyaml 1.33 (#4958) 
Reviewed-by: Dinesh Chitlangia <dineshc@apache.org>
Signed-off-by: Akira Ajisaka <aajisaka@apache.org>
 2022-10-30 02:30:41 +09:00
Willi Raschkowski c4aa41aa80
HADOOP-18500. Upgrade maven-shade-plugin to 3.3.0 (#5045) 
Contributed by Willi Raschkowski
 2022-10-20 18:47:33 +01:00
Hexiaoqiao babb050fa3
HADOOP-18497. Upgrade commons-text version to fix CVE-2022-42889. (#5037). Contributed by PJ Fanning. 
Co-authored-by: He Xiaoqiao <hexiaoqiao@apache.org>
Reviewed-by: Ashutosh Gupta <ashugpt@amazon.com>
Signed-off-by: Wei-Chiu Chuang <weichiu@apache.org>
 2022-10-18 11:28:56 +08:00
PJ Fanning 4ff6c9b8de
HADOOP-18493: upgrade jackson-databind to 2.12.7.1 (#5011). Contributed by PJ Fanning. 
Signed-off-by: Ayush Saxena <ayushsaxena@apache.org>
 2022-10-17 10:03:10 +05:30
slfan1989 3ff8f58f8c
HADOOP-18360. Update commons-csv from 1.0 to 1.9.0. (#4928). Contributed by fanshilun. 
Signed-off-by: Ayush Saxena <ayushsaxena@apache.org>
 2022-10-13 12:10:54 +05:30
Steve Loughran 540a660429
HADOOP-18480. Upgrade aws sdk to 1.12.316 (#4972) 
Contributed by Steve Loughran
 2022-10-10 10:23:50 +01:00
PJ Fanning 5eddec8c46
HADOOP-18468: Upgrade jettison to 1.5.1 to fix CVE-2022-40149 (#4937) 
Contributed by PJ Fanning
 2022-10-07 15:44:01 +01:00
Steve Loughran 38b2ed2151
HADOOP-18442. Remove openstack support (#4855) 
Contributed by Steve Loughran
 2022-10-06 11:49:38 +01:00
Ashutosh Gupta 7923cac86b
HADOOP-18443. Upgrade snakeyaml to 1.32 (#4906) 
Co-authored-by: Ashutosh Gupta <ashugpt@amazon.com>
Reviewed-by: Inigo Goiri <inigoiri@apache.org>
Signed-off-by: Akira Ajisaka <aajisaka@apache.org>
 2022-09-25 23:49:48 +09:00
PJ Fanning e6d2c336cb
HADOOP-18341: upgrade commons-configuration2 to 2.8.0 and commons-text to 1.9 (#4578) 
Reviewed-by: Ashutosh Gupta <ashugpt@amazon.com>
Signed-off-by: Takanobu Asanuma <tasanuma@apache.org>
 2022-09-22 09:45:20 +09:00
slfan1989 4d9bb81b16
HADOOP-18451. Update hsqldb.version from 2.3.4 to 2.5.2. (#4880) 2022-09-20 11:10:51 -07:00
Colm O hEigeartaigh 272844ee57
HADOOP-15072 - Update Apache Kerby to 2.0.2 (#4473) 2022-09-15 00:43:25 +08:00
Ashutosh Gupta 832d0e0d76
HADOOP-18443. Upgrade snakeyaml to 1.31 to mitigate CVE-2022-25857 (#4856) 
Co-authored-by: Ashutosh Gupta <ashugpt@amazon.com>
Signed-off-by: Brahma Reddy Battula <brahma@apache.org>
 2022-09-08 19:58:38 +05:30
Ayush Saxena 880686d1e3
Revert "HADOOP-18417. Upgrade to M7 of surefire plugin (#4795)" 
This reverts commit 1ff121041c.
 2022-08-25 03:44:49 +05:30
slfan1989 052d7f286e
HADOOP-18361. Update commons-net from 3.6 to 3.8.0. (#4683). Contributed by fanshilun. 
Signed-off-by: Ayush Saxena <ayushsaxena@apache.org>
 2022-08-24 20:05:17 +05:30
Steve Vaughan 1ff121041c
HADOOP-18417. Upgrade to M7 of surefire plugin (#4795) 
This addresses an issue where the plugin's default classpath for executing tests fails to include org.junit.platform.launcher.core.LauncherFactory.

Contributed by: Steve Vaughan Jr
 2022-08-24 11:04:04 +01:00
Ashutosh Gupta 69f6fdb757
HADOOP-18301. Upgrade commons-io to 2.11.0 (#4455) 
Co-authored-by: Ashutosh Gupta <ashugpt@amazon.com>
Signed-off-by: Akira Ajisaka <aajisaka@apache.org>
 2022-08-03 10:44:39 +09:00
slfan1989 13fbfd5dea
HADOOP-18358. Update commons-math3 from 3.1.1 to 3.6.1. (#4619). Contributed by fanshilun. 
Signed-off-by: Ayush Saxena <ayushsaxena@apache.org>
 2022-08-02 01:48:47 +05:30
Steve Loughran 58ed621304
HADOOP-18344. Upgrade AWS SDK to 1.12.262 (#4637) 
Fixes CVE-2018-7489 in shaded jackson.

+Add more commands in testing.md
 to the CLI tests needed when qualifying
 a release

Contributed by Steve Loughran
 2022-07-28 11:29:38 +01:00
Ashutosh Gupta e664f81ce7
HADOOP-18333.Upgrade jetty version to 9.4.48.v20220622 (#4553) 
Co-authored-by: Ashutosh Gupta <ashugpt@amazon.com>
 2022-07-21 00:15:39 +08:00
Wei-Chiu Chuang a55ace7bc0
HADOOP-18079. Upgrade Netty to 4.1.77. (#3977) 
Upgrade netty to address

CVE-2019-20444,
CVE-2019-20445
CVE-2022-24823

Contributed by Wei-Chiu Chuang
 2022-07-18 10:41:00 +01:00
PJ Fanning 34e548cb62
HADOOP-18332: remove rs-api dependency as it conflicts with jsr311-api (#4547) 
This downgrades jackson from the version switched to in
    HADOOP-18033 (2.13.0), to Jackson 2.12.7.
    This removes the dependency on javax.ws.rs-api,
    so avoiding runtime problems with applications using
    jersey-core v1 and/or jsr311-api.
    
    The 2.12.7 release still contains the fix for CVE-2020-36518.
    
    Contributed by PJ Fanning
 2022-07-17 21:37:54 +05:30
Colm O hEigeartaigh 25f8bdcd21
HADOOP-18308 - Update to Apache LDAP API 2.0.x (#4477) 
Update the dependencies of the LDAP libraries used for testing:

ldap-api.version = 2.0.0
apacheds.version = 2.0.0.AM26

Contributed by Colm O hEigeartaigh.
 2022-06-27 11:15:18 +01:00
Igor Dvorzhak 77d1b194c7
HADOOP-18300. Upgrade Gson dependency to version 2.9.0 (#4454) 
Reviewed-by: Ayush Saxena <ayushsaxena@apache.org>
Signed-off-by: Chris Nauroth <cnauroth@apache.org>
 2022-06-22 16:37:22 -07:00
Mukund Thakur 2daf0a814f HADOOP-11867. Add a high-performance vectored read API. (#3904) 
part of HADOOP-18103.
Add support for multiple ranged vectored read api in PositionedReadable.
The default iterates through the ranges to read each synchronously,
but the intent is that FSDataInputStream subclasses can make more
efficient readers especially in object stores implementation.

Also added implementation in S3A where smaller ranges are merged and
sliced byte buffers are returned to the readers. All the merged ranged are
fetched from S3 asynchronously.

Contributed By: Owen O'Malley and Mukund Thakur
 2022-06-22 17:29:32 +01:00
Steve Loughran a234d00c1c
HADOOP-18275. Update os-maven-plugin to 1.7.0 (#4397) 
Contributed by Steve Loughran
 2022-06-06 13:17:32 +01:00
Viraj Jasani 0733e968ab
HADOOP-18224. Upgrade maven compiler plugin to 3.10.1 (#4267) 
Signed-off-by: Akira Ajisaka <aajisaka@apache.org>
 2022-05-21 03:21:13 +09:00
Ashutosh Gupta fb910bd906
HDFS-16453. Upgrade okhttp from 2.7.5 to 4.9.3 (#4229) 
Co-authored-by: Ashutosh Gupta <ashugpt@amazon.com>
Signed-off-by: Akira Ajisaka <aajisaka@apache.org>
 2022-05-21 02:53:14 +09:00
Ashutosh Gupta 3ecdf39943
HADOOP-18237. Upgrade Apache Xerces Java to 2.12.2 (#4318) 
Upgrade Apache Xerces Java to 2.12.2 due to handle vulnerability CVE-2022-23437

Contributed by Ashutosh Gupta
 2022-05-17 20:34:12 +01:00
PJ Fanning 63187083cc
HADOOP-15983. Use jersey-json that is built to use jackson2 (#3988) 
Signed-off-by: Akira Ajisaka <aajisaka@apache.org>
 2022-04-28 14:18:19 +09:00
Viraj Jasani 8ea3358380
HADOOP-18196. Remove replace-guava from replacer plugin (#4152) 2022-04-15 23:24:02 +09:00
PJ Fanning bfde9102be
HADOOP-18195. Make jackson 1 a runtime scope dependency (#4149) 
Contributed by PJ Fanning
 2022-04-08 10:24:09 +01:00
PJ Fanning 4b786c797a
HADOOP-18178. Upgrade jackson to 2.13.2 and jackson-databind to 2.13.2.2 (#4111) 
Signed-off-by: Akira Ajisaka <aajisaka@apache.org>
 2022-04-07 16:19:36 +09:00
Akira Ajisaka 4e32318ace
HDFS-16523. Fix dependency error in hadoop-hdfs on M1 Mac (#4112) 
The version of hawtjni-runtime has been fixed to 1.11 to avoid build failures

Contributed by Akira Ajisaka
 2022-03-29 16:44:55 +01:00
PJ Fanning 61e809b245
HADOOP-13386. Upgrade Avro to 1.9.2 (#3990) 
Signed-off-by: Akira Ajisaka <aajisaka@apache.org>
 2022-03-26 20:31:16 +09:00
Steve Loughran 8294bd5a37
HADOOP-18163. hadoop-azure support for the Manifest Committer of MAPREDUCE-7341 
Follow-on patch to MAPREDUCE-7341, adding ABFS support and tests

* resilient rename
* tests for job commit through the manifest committer.

contains
- HADOOP-17976. ABFS etag extraction inconsistent between LIST and HEAD calls
- HADOOP-16204. ABFS tests to include terasort

Contributed by Steve Loughran.

Change-Id: I0a7d4043bdf19bcb00c033fc389730109b93b77f
 2022-03-17 11:24:51 +00:00
Viraj Jasani 66b72406bd
HADOOP-18131. Upgrade maven enforcer plugin and relevant dependencies (#4000) 
Reviewed-by: Akira Ajisaka <aajisaka@apache.org>
Reviewed-by: Wei-Chiu Chuang <weichiu@apache.org>
Signed-off-by: Takanobu Asanuma <tasanuma@apache.org>
 2022-03-08 17:27:04 +09:00
PJ Fanning da5a774018
HADOOP-17563. Upgrade BouncyCastle to 1.68 (#3980) 
Contributed by PJ Fanning
 2022-03-07 22:21:10 +00:00
Wei-Chiu Chuang 007c2011ef
YARN-11068. Update transitive log4j2 dependency to 2.17.1 (#3963) 
Signed-off-by: Akira Ajisaka <aajisaka@apache.org>
 2022-02-21 13:33:38 +09:00
PJ Fanning 5f6a294fab
HADOOP-18126. update junit 5 version due to build issues (#3993) 
Signed-off-by: Akira Ajisaka <aajisaka@apache.org>
 2022-02-17 14:03:39 +09:00
Aswin Shakil Balasubramanian 41c86b6464
HADOOP-18101. Bump aliyun-sdk-oss to 3.13.2 and jdom2 to 2.0.6.1 (#3951) 2022-02-03 15:50:38 -08:00