From 567d6b527e326df3f075d4f6ae3332b22725b2cb Mon Sep 17 00:00:00 2001 From: basapuram-kumar Date: Tue, 13 Aug 2024 10:14:16 +0530 Subject: [PATCH] ODP-2013: ODP-1095 Critical CVE fixes -v2 --- .../hadoop-client-minicluster/pom.xml | 2 +- hadoop-common-project/hadoop-common/pom.xml | 2 ++ .../main/java/org/apache/hadoop/mount/MountdBase.java | 2 -- .../hadoop/mapreduce/jobhistory/EventWriter.java | 10 +++++----- .../hadoop-mapreduce-client-nativetask/pom.xml | 5 ----- hadoop-mapreduce-project/pom.xml | 1 + hadoop-project/pom.xml | 1 + 7 files changed, 10 insertions(+), 13 deletions(-) diff --git a/hadoop-client-modules/hadoop-client-minicluster/pom.xml b/hadoop-client-modules/hadoop-client-minicluster/pom.xml index f9c073294678a..758532a48eb05 100644 --- a/hadoop-client-modules/hadoop-client-minicluster/pom.xml +++ b/hadoop-client-modules/hadoop-client-minicluster/pom.xml @@ -452,7 +452,7 @@ com.sun.jersey jersey-servlet true - exclusions> + javax.servlet servlet-api diff --git a/hadoop-common-project/hadoop-common/pom.xml b/hadoop-common-project/hadoop-common/pom.xml index 47ec1499cda7a..a3e871c61a273 100644 --- a/hadoop-common-project/hadoop-common/pom.xml +++ b/hadoop-common-project/hadoop-common/pom.xml @@ -30,6 +30,7 @@ jar + ${hadoop-thirdparty.version} src/test/resources/kdc common true @@ -246,6 +247,7 @@ org.apache.hadoop.thirdparty hadoop-shaded-avro_1_11 + ${hadoop-thirdparty.avro.version} compile diff --git a/hadoop-common-project/hadoop-nfs/src/main/java/org/apache/hadoop/mount/MountdBase.java b/hadoop-common-project/hadoop-nfs/src/main/java/org/apache/hadoop/mount/MountdBase.java index 52dfa9d503607..1e3f0782736e7 100644 --- a/hadoop-common-project/hadoop-nfs/src/main/java/org/apache/hadoop/mount/MountdBase.java +++ b/hadoop-common-project/hadoop-nfs/src/main/java/org/apache/hadoop/mount/MountdBase.java @@ -43,8 +43,6 @@ abstract public class MountdBase { private int tcpBoundPort; // Will set after server starts private SimpleUdpServer udpServer = null; private SimpleTcpServer tcpServer = null; - private SimpleUdpServer udpServer = null; - private SimpleTcpServer tcpServer = null; public RpcProgram getRpcProgram() { return rpcProgram; diff --git a/hadoop-mapreduce-project/hadoop-mapreduce-client/hadoop-mapreduce-client-core/src/main/java/org/apache/hadoop/mapreduce/jobhistory/EventWriter.java b/hadoop-mapreduce-project/hadoop-mapreduce-client/hadoop-mapreduce-client-core/src/main/java/org/apache/hadoop/mapreduce/jobhistory/EventWriter.java index 12447d88512d0..75afdc112be2d 100644 --- a/hadoop-mapreduce-project/hadoop-mapreduce-client/hadoop-mapreduce-client-core/src/main/java/org/apache/hadoop/mapreduce/jobhistory/EventWriter.java +++ b/hadoop-mapreduce-project/hadoop-mapreduce-client/hadoop-mapreduce-client-core/src/main/java/org/apache/hadoop/mapreduce/jobhistory/EventWriter.java @@ -21,11 +21,11 @@ import java.io.IOException; import java.util.ArrayList; -import org.apache.avro.Schema; -import org.apache.avro.io.DatumWriter; -import org.apache.avro.io.Encoder; -import org.apache.avro.io.EncoderFactory; -import org.apache.avro.specific.SpecificDatumWriter; +import org.apache.hadoop.thirdparty.avro.Schema; +import org.apache.hadoop.thirdparty.avro.io.DatumWriter; +import org.apache.hadoop.thirdparty.avro.io.Encoder; +import org.apache.hadoop.thirdparty.avro.io.EncoderFactory; +import org.apache.hadoop.thirdparty.avro.specific.SpecificDatumWriter; import org.apache.hadoop.thirdparty.avro.util.Utf8; import org.apache.hadoop.classification.InterfaceAudience; import org.apache.hadoop.classification.InterfaceStability; diff --git a/hadoop-mapreduce-project/hadoop-mapreduce-client/hadoop-mapreduce-client-nativetask/pom.xml b/hadoop-mapreduce-project/hadoop-mapreduce-client/hadoop-mapreduce-client-nativetask/pom.xml index f039f5bfb91b2..a30f3a23d539a 100644 --- a/hadoop-mapreduce-project/hadoop-mapreduce-client/hadoop-mapreduce-client-nativetask/pom.xml +++ b/hadoop-mapreduce-project/hadoop-mapreduce-client/hadoop-mapreduce-client-nativetask/pom.xml @@ -55,11 +55,6 @@ test - - org.apache.avro - avro - test - junit junit diff --git a/hadoop-mapreduce-project/pom.xml b/hadoop-mapreduce-project/pom.xml index 45db54a086430..2f9b1978711d5 100644 --- a/hadoop-mapreduce-project/pom.xml +++ b/hadoop-mapreduce-project/pom.xml @@ -28,6 +28,7 @@ https://hadoop.apache.org/ + ${hadoop-thirdparty.version} true 600000 once diff --git a/hadoop-project/pom.xml b/hadoop-project/pom.xml index e92146f3b7351..b1577b4672586 100644 --- a/hadoop-project/pom.xml +++ b/hadoop-project/pom.xml @@ -88,6 +88,7 @@ ${env.HADOOP_PROTOC_PATH} 1.2.0 + ${hadoop-thirdparty.version} ${hadoop-thirdparty.version} ${hadoop-thirdparty.version} org.apache.hadoop.thirdparty