Upstream has announced a security issue on November 8: http://openwall.com/lists/oss-security/2017/11/08/3 The issue is fixed in 2.7.4. Mageia 6 is also affected.
CC: (none) => geiger.david68210Whiteboard: (none) => MGA6TOO
Upstream has announced a security issue today (January 19): http://openwall.com/lists/oss-security/2018/01/19/7 The issue is fixed in 2.7.5. Mageia 6 is also affected.
Summary: hadoop new security issue CVE-2017-3166 => hadoop new security issues CVE-2017-3166 and CVE-2017-15713
Upstream has issued an advisory on January 24: http://openwall.com/lists/oss-security/2018/01/24/5 The issue is fixed in 2.7.5. Mageia 6 is also affected.
Summary: hadoop new security issues CVE-2017-3166 and CVE-2017-15713 => hadoop new security issues CVE-2017-3166 and CVE-2017-1571[38]
Status comment: (none) => Fixed upstream in 2.7.5
Upstream has issued an advisory today (May 1): http://openwall.com/lists/oss-security/2018/05/01/2 The issue is fixed in 2.7.4. Mageia 6 is also affected.
Severity: normal => criticalSummary: hadoop new security issues CVE-2017-3166 and CVE-2017-1571[38] => hadoop new security issues CVE-2016-6811, CVE-2017-3166 and CVE-2017-1571[38]
Fedora has issued an advisory on July 15: https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/TAN65UU2GAYHTIGHR5BDCMBJAFLLFGLM/ The issue is fixed in 2.7.6 plus a patch from Fedora: https://src.fedoraproject.org/cgit/rpms/hadoop.git/commit/?h=f28&id=7367791e916b8770b2e422c70309502df554042c Mageia 6 is also affected.
Status comment: Fixed upstream in 2.7.5 => Fixed upstream in 2.7.6 plus backported patch from FedoraSummary: hadoop new security issues CVE-2016-6811, CVE-2017-3166 and CVE-2017-1571[38] => hadoop new security issues CVE-2016-6811, CVE-2017-3166, CVE-2017-1571[38], CVE-2018-8009
Finally an upstream advisory for CVE-2018-8009: https://www.openwall.com/lists/oss-security/2018/11/22/2 Fixed upstream in 2.7.7 (which is now in Cauldron).
Status comment: Fixed upstream in 2.7.6 plus backported patch from Fedora => Fixed upstream in 2.7.7Version: Cauldron => 6Whiteboard: MGA6TOO => (none)Source RPM: hadoop-2.7.3-7.mga7.src.rpm => hadoop-2.7.3-1.mga6.src.rpm
Fedora has issued an advisory for this on December 9: https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/MCCNTYHEER7RVSSVIDAED73EAUK6HWVE/
There's also CVE-2018-1296, fixed in 2.7.6: https://www.openwall.com/lists/oss-security/2019/01/24/3
Summary: hadoop new security issues CVE-2016-6811, CVE-2017-3166, CVE-2017-1571[38], CVE-2018-8009 => hadoop new security issues CVE-2016-6811, CVE-2017-3166, CVE-2017-1571[38], CVE-2018-1296, CVE-2018-8009
CVE-2018-11767 is also fixed in 2.7.7: https://www.openwall.com/lists/oss-security/2019/03/11/1
Summary: hadoop new security issues CVE-2016-6811, CVE-2017-3166, CVE-2017-1571[38], CVE-2018-1296, CVE-2018-8009 => hadoop new security issues CVE-2016-6811, CVE-2017-3166, CVE-2017-1571[38], CVE-2018-1296, CVE-2018-8009, CVE-2018-11767
Upstream has issued an advisory today (May 30): https://www.openwall.com/lists/oss-security/2019/05/30/1 The issue is fixed upstream in 2.8.5.
Summary: hadoop new security issues CVE-2016-6811, CVE-2017-3166, CVE-2017-1571[38], CVE-2018-1296, CVE-2018-8009, CVE-2018-11767 => hadoop new security issues CVE-2016-6811, CVE-2017-3166, CVE-2017-1571[38], CVE-2018-1296, CVE-2018-8009, CVE-2018-11767, CVE-2018-8029Status comment: Fixed upstream in 2.7.7 => Fixed upstream in 2.8.5Version: 6 => CauldronWhiteboard: (none) => MGA7TOO, MGA6TOO
Upstream has issued an advisory today (October 4): https://www.openwall.com/lists/oss-security/2019/10/04/1 The issue is fixed upstream in 2.8.5.
Summary: hadoop new security issues CVE-2016-6811, CVE-2017-3166, CVE-2017-1571[38], CVE-2018-1296, CVE-2018-8009, CVE-2018-11767, CVE-2018-8029 => hadoop new security issues CVE-2016-6811, CVE-2017-3166, CVE-2017-1571[38], CVE-2018-1296, CVE-2018-8009, CVE-2018-11767, CVE-2018-8029, CVE-2018-11768
Whiteboard: MGA7TOO, MGA6TOO => MGA7TOO
Upstream has issued an advisory today (September 28): https://www.openwall.com/lists/oss-security/2020/09/28/1 The issue is fixed upstream in 2.10.0.
Summary: hadoop new security issues CVE-2016-6811, CVE-2017-3166, CVE-2017-1571[38], CVE-2018-1296, CVE-2018-8009, CVE-2018-11767, CVE-2018-8029, CVE-2018-11768 => hadoop new security issues CVE-2016-6811, CVE-2017-3166, CVE-2017-1571[38], CVE-2018-1296, CVE-2018-8009, CVE-2018-11767, CVE-2018-8029, CVE-2018-1176[58]Status comment: Fixed upstream in 2.8.5 => Fixed upstream in 2.10.0
Not in mageia 8
Version: Cauldron => 7Whiteboard: MGA7TOO => (none)
Upstream has issued an advisory today (January 26): https://www.openwall.com/lists/oss-security/2021/01/26/1 The issue is fixed upstream in 2.10.1.
Summary: hadoop new security issues CVE-2016-6811, CVE-2017-3166, CVE-2017-1571[38], CVE-2018-1296, CVE-2018-8009, CVE-2018-11767, CVE-2018-8029, CVE-2018-1176[58] => hadoop new security issues CVE-2016-6811, CVE-2017-3166, CVE-2017-1571[38], CVE-2018-1296, CVE-2018-8009, CVE-2018-11767, CVE-2018-8029, CVE-2018-1176[58], CVE-2020-9492Status comment: Fixed upstream in 2.10.0 => Fixed upstream in 2.10.1
https://blog.mageia.org/en/2021/06/08/mageia-7-will-reach-end-of-support-on-30th-of-june-the-king-is-dead-long-live-the-king/
Resolution: (none) => OLDStatus: NEW => RESOLVED