You are here
Home > Preporuke > Sigurnosni nedostatak programskog paketa hadoop

Sigurnosni nedostatak programskog paketa hadoop

  • Detalji os-a: WN7
  • Važnost: IMP
  • Operativni sustavi: L
  • Kategorije: LFE

——————————————————————————–
Fedora Update Notification
FEDORA-2018-beec9e3fda
2018-12-09 21:00:35.314148
——————————————————————————–

Name : hadoop
Product : Fedora 29
Version : 2.7.7
Release : 1.fc29
URL : https://hadoop.apache.org
Summary : A software platform for processing vast amounts of data
Description :
Apache Hadoop is a framework that allows for the distributed processing of
large data sets across clusters of computers using simple programming models.
It is designed to scale up from single servers to thousands of machines, each
offering local computation and storage.

——————————————————————————–
Update Information:

Bug fix and upgrade to version 2.7.7
——————————————————————————–
ChangeLog:

* Thu Nov 29 2018 Mike Miller <mmiller@apache.org> – 2.7.7-1
– Upgrade to 2.7.7. Remove patch no longer needed for CVE-2018-8009
* Wed Nov 28 2018 Mike Miller <mmiller@apache.org> – 2.7.6-6
– Fix NoClassDefFoundError with cglib in Yarn and make top level hadoop package
——————————————————————————–
References:

[ 1 ] Bug #1654240 – CVE-2018-11766 hadoop: Privilege escalation to root (Incomplete fix for CVE-2016-6811) [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1654240
[ 2 ] Bug #1554525 – When starting Resource Manager – java.lang.NoClassDefFoundError: net/sf/cglib/core/CodeGenerationException
https://bugzilla.redhat.com/show_bug.cgi?id=1554525
——————————————————————————–

This update can be installed with the “dnf” update program. Use
su -c ‘dnf upgrade –advisory FEDORA-2018-beec9e3fda’ at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
——————————————————————————–
_______________________________________________
package-announce mailing list — package-announce@lists.fedoraproject.org
To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org
Fedora Code of Conduct: https://getfedora.org/code-of-conduct.html
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org

——————————————————————————–
Fedora Update Notification
FEDORA-2018-f1f44e4c6d
2018-12-09 21:00:33.895074
——————————————————————————–

Name : hadoop
Product : Fedora 28
Version : 2.7.7
Release : 1.fc28
URL : https://hadoop.apache.org
Summary : A software platform for processing vast amounts of data
Description :
Apache Hadoop is a framework that allows for the distributed processing of
large data sets across clusters of computers using simple programming models.
It is designed to scale up from single servers to thousands of machines, each
offering local computation and storage.

——————————————————————————–
Update Information:

Bug fix and upgrade to version 2.7.7
——————————————————————————–
ChangeLog:

* Thu Nov 29 2018 Mike Miller <mmiller@apache.org> – 2.7.7-1
– Upgrade to 2.7.7. Remove patch no longer needed for CVE-2018-8009
* Wed Nov 28 2018 Mike Miller <mmiller@apache.org> – 2.7.6-5
– Fix NoClassDefFoundError with cglib in Yarn and make top level hadoop package
* Fri Jul 6 2018 Christopher Tubbs <ctubbsii@fedoraproject.org> – 2.7.6-4
– Disable container-executor builds (rhbz#1597446 not fixed on s390x and armv7hl)
* Thu Jul 5 2018 Christopher Tubbs <ctubbsii@fedoraproject.org> – 2.7.6-3
– Fix rhbz#1597446 (container-executor builds) and rhbz#1593020 (CVE-2018-8009)
* Fri Jun 29 2018 Mike Miller <mmiller@apache.org> – 2.7.6-2
– Fix jetty version dependencies
* Wed Jun 27 2018 Mike Miller <mmiller@apache.org> – 2.7.6-1
– Upgrade to version 2.7.6
* Tue May 29 2018 Rafael dos Santos <rdossant@redhat.com> – 2.7.3-10
– Use standard Fedora build/linker flags (rhbz#1540172)
* Wed Mar 7 2018 Christopher Tubbs <ctubbsii@fedoraproject.org> – 2.7.3-9
– Add gcc-c++ BuildRequires
* Wed Feb 7 2018 Fedora Release Engineering <releng@fedoraproject.org> – 2.7.3-8
– Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild
——————————————————————————–
References:

[ 1 ] Bug #1654240 – CVE-2018-11766 hadoop: Privilege escalation to root (Incomplete fix for CVE-2016-6811) [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1654240
[ 2 ] Bug #1554525 – When starting Resource Manager – java.lang.NoClassDefFoundError: net/sf/cglib/core/CodeGenerationException
https://bugzilla.redhat.com/show_bug.cgi?id=1554525
——————————————————————————–

This update can be installed with the “dnf” update program. Use
su -c ‘dnf upgrade –advisory FEDORA-2018-f1f44e4c6d’ at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
——————————————————————————–
_______________________________________________
package-announce mailing list — package-announce@lists.fedoraproject.org
To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org
Fedora Code of Conduct: https://getfedora.org/code-of-conduct.html
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org

AutorJosip Papratovic
Cert idNCERT-REF-2018-12-0001-ADV
CveCERT-CVE-DUMMY
ID izvornikaCERT-ORIGID-DUMMY
ProizvodCERT-DUMMY-PRODUCT
IzvorAdobe
Top
More in Preporuke
Sigurnosni nedostatak programskog paketa tomcat

Otkriven je sigurnosni nedostatak u programskom paketu tomcat za operacijski sustav openSUSE. Otkriveni nedostatak potencijalnim napadačima omogućuje preusmjeravanje na proizvoljne...

Close