HADOOP-19747. Switch to at.yawk.lz4:lz4-java:1.10.2 due to CVE-2025-66566 #8122

pjfanning · 2025-12-09T12:27:43Z

Description of PR

Another CVE - CVE-2025-66566.
2nd PR for HADOOP-19747

How was this patch tested?

For code changes:

Does the title or this PR starts with the corresponding JIRA issue id (e.g. 'HADOOP-17799. Your PR title ...')?
Object storage: have the integration tests been executed and the endpoint declared according to the connector-specific documentation?
If adding new dependencies to the code, are these dependencies licensed in a way that is compatible for inclusion under ASF 2.0?
If applicable, have you updated the LICENSE, LICENSE-binary, NOTICE-binary files?

hadoop-yetus · 2025-12-10T05:27:06Z

💔 -1 overall

Vote	Subsystem	Runtime	Logfile	Comment
+0 🆗	reexec	15m 33s		Docker mode activated.
			_ Prechecks _
+1 💚	dupname	0m 0s		No case conflicting files found.
+0 🆗	codespell	0m 1s		codespell was not available.
+0 🆗	detsecrets	0m 1s		detect-secrets was not available.
+0 🆗	xmllint	0m 1s		xmllint was not available.
+0 🆗	shelldocs	0m 1s		Shelldocs was not available.
+1 💚	@author	0m 0s		The patch does not contain any @author tags.
-1 ❌	test4tests	0m 0s		The patch doesn't appear to include any new or modified tests. Please justify why no new tests are needed for this patch. Also please list what manual steps were performed to verify this patch.
			_ trunk Compile Tests _
+0 🆗	mvndep	8m 41s		Maven dependency ordering for branch
+1 💚	mvninstall	28m 36s		trunk passed
+1 💚	compile	17m 22s		trunk passed with JDK Ubuntu-21.0.7+6-Ubuntu-0ubuntu120.04
+1 💚	compile	17m 17s		trunk passed with JDK Ubuntu-17.0.15+6-Ubuntu-0ubuntu120.04
-1 ❌	mvnsite	9m 38s	/branch-mvnsite-root.txt	root in trunk failed.
-1 ❌	javadoc	9m 2s	/branch-javadoc-root-jdkUbuntu-21.0.7+6-Ubuntu-0ubuntu120.04.txt	root in trunk failed with JDK Ubuntu-21.0.7+6-Ubuntu-0ubuntu120.04.
-1 ❌	javadoc	7m 50s	/branch-javadoc-root-jdkUbuntu-17.0.15+6-Ubuntu-0ubuntu120.04.txt	root in trunk failed with JDK Ubuntu-17.0.15+6-Ubuntu-0ubuntu120.04.
+1 💚	shadedclient	42m 14s		branch has no errors when building and testing our client artifacts.
			_ Patch Compile Tests _
+0 🆗	mvndep	0m 34s		Maven dependency ordering for patch
+1 💚	mvninstall	27m 5s		the patch passed
+1 💚	compile	16m 27s		the patch passed with JDK Ubuntu-21.0.7+6-Ubuntu-0ubuntu120.04
+1 💚	javac	16m 27s		the patch passed
+1 💚	compile	17m 13s		the patch passed with JDK Ubuntu-17.0.15+6-Ubuntu-0ubuntu120.04
+1 💚	javac	17m 14s		the patch passed
+1 💚	blanks	0m 0s		The patch has no blanks issues.
-1 ❌	mvnsite	7m 18s	/patch-mvnsite-root.txt	root in the patch failed.
+1 💚	shellcheck	0m 0s		No new issues.
-1 ❌	javadoc	9m 3s	/patch-javadoc-root-jdkUbuntu-21.0.7+6-Ubuntu-0ubuntu120.04.txt	root in the patch failed with JDK Ubuntu-21.0.7+6-Ubuntu-0ubuntu120.04.
-1 ❌	javadoc	7m 55s	/patch-javadoc-root-jdkUbuntu-17.0.15+6-Ubuntu-0ubuntu120.04.txt	root in the patch failed with JDK Ubuntu-17.0.15+6-Ubuntu-0ubuntu120.04.
+1 💚	shadedclient	44m 33s		patch has no errors when building and testing our client artifacts.
			_ Other Tests _
-1 ❌	unit	758m 0s	/patch-unit-root.txt	root in the patch passed.
+1 💚	asflicense	1m 59s		The patch does not generate ASF License warnings.
		1017m 34s

Reason	Tests
Failed junit tests	hadoop.yarn.service.TestYarnNativeServices
	hadoop.yarn.server.resourcemanager.TestRMHA
	hadoop.yarn.server.router.subcluster.capacity.TestYarnFederationWithCapacityScheduler
	hadoop.yarn.server.router.subcluster.fair.TestYarnFederationWithFairScheduler
	hadoop.yarn.server.router.webapp.TestRouterWebServicesREST
	hadoop.yarn.sls.appmaster.TestAMSimulator
	hadoop.hdfs.tools.TestDFSAdmin

Subsystem	Report/Notes
Docker	ClientAPI=1.52 ServerAPI=1.52 base: https://ci-hadoop.apache.org/job/hadoop-multibranch/job/PR-8122/1/artifact/out/Dockerfile
GITHUB PR	#8122
Optional Tests	dupname asflicense compile javac javadoc mvninstall mvnsite unit shadedclient codespell detsecrets xmllint shellcheck shelldocs
uname	Linux 4b9a3d58b2c7 5.15.0-160-generic #170-Ubuntu SMP Wed Oct 1 10:06:56 UTC 2025 x86_64 x86_64 x86_64 GNU/Linux
Build tool	maven
Personality	dev-support/bin/hadoop.sh
git revision	trunk / `a132521`
Default Java	Ubuntu-17.0.15+6-Ubuntu-0ubuntu120.04
Multi-JDK versions	/usr/lib/jvm/java-21-openjdk-amd64:Ubuntu-21.0.7+6-Ubuntu-0ubuntu120.04 /usr/lib/jvm/java-17-openjdk-amd64:Ubuntu-17.0.15+6-Ubuntu-0ubuntu120.04
Test Results	https://ci-hadoop.apache.org/job/hadoop-multibranch/job/PR-8122/1/testReport/
Max. process+thread count	4054 (vs. ulimit of 5500)
modules	C: hadoop-project . U: .
Console output	https://ci-hadoop.apache.org/job/hadoop-multibranch/job/PR-8122/1/console
versions	git=2.25.1 maven=3.9.11 shellcheck=0.7.0
Powered by	Apache Yetus 0.14.0 https://yetus.apache.org

This message was automatically generated.

hadoop-yetus · 2025-12-20T09:01:10Z

💔 -1 overall

Vote	Subsystem	Runtime	Logfile	Comment
+0 🆗	reexec	17m 35s		Docker mode activated.
			_ Prechecks _
+1 💚	dupname	0m 0s		No case conflicting files found.
+0 🆗	codespell	0m 0s		codespell was not available.
+0 🆗	detsecrets	0m 0s		detect-secrets was not available.
+0 🆗	xmllint	0m 0s		xmllint was not available.
+0 🆗	shelldocs	0m 0s		Shelldocs was not available.
+1 💚	@author	0m 0s		The patch does not contain any @author tags.
-1 ❌	test4tests	0m 0s		The patch doesn't appear to include any new or modified tests. Please justify why no new tests are needed for this patch. Also please list what manual steps were performed to verify this patch.
			_ trunk Compile Tests _
+0 🆗	mvndep	10m 10s		Maven dependency ordering for branch
+1 💚	mvninstall	28m 18s		trunk passed
+1 💚	compile	17m 12s		trunk passed with JDK Ubuntu-21.0.7+6-Ubuntu-0ubuntu120.04
+1 💚	compile	17m 32s		trunk passed with JDK Ubuntu-17.0.15+6-Ubuntu-0ubuntu120.04
-1 ❌	mvnsite	9m 27s	/branch-mvnsite-root.txt	root in trunk failed.
-1 ❌	javadoc	9m 6s	/branch-javadoc-root-jdkUbuntu-21.0.7+6-Ubuntu-0ubuntu120.04.txt	root in trunk failed with JDK Ubuntu-21.0.7+6-Ubuntu-0ubuntu120.04.
-1 ❌	javadoc	7m 55s	/branch-javadoc-root-jdkUbuntu-17.0.15+6-Ubuntu-0ubuntu120.04.txt	root in trunk failed with JDK Ubuntu-17.0.15+6-Ubuntu-0ubuntu120.04.
+1 💚	shadedclient	42m 30s		branch has no errors when building and testing our client artifacts.
			_ Patch Compile Tests _
+0 🆗	mvndep	0m 32s		Maven dependency ordering for patch
+1 💚	mvninstall	27m 4s		the patch passed
+1 💚	compile	16m 34s		the patch passed with JDK Ubuntu-21.0.7+6-Ubuntu-0ubuntu120.04
+1 💚	javac	16m 34s		the patch passed
+1 💚	compile	17m 28s		the patch passed with JDK Ubuntu-17.0.15+6-Ubuntu-0ubuntu120.04
+1 💚	javac	17m 28s		the patch passed
+1 💚	blanks	0m 0s		The patch has no blanks issues.
-1 ❌	mvnsite	7m 10s	/patch-mvnsite-root.txt	root in the patch failed.
+1 💚	shellcheck	0m 1s		No new issues.
-1 ❌	javadoc	9m 2s	/patch-javadoc-root-jdkUbuntu-21.0.7+6-Ubuntu-0ubuntu120.04.txt	root in the patch failed with JDK Ubuntu-21.0.7+6-Ubuntu-0ubuntu120.04.
-1 ❌	javadoc	7m 53s	/patch-javadoc-root-jdkUbuntu-17.0.15+6-Ubuntu-0ubuntu120.04.txt	root in the patch failed with JDK Ubuntu-17.0.15+6-Ubuntu-0ubuntu120.04.
+1 💚	shadedclient	44m 33s		patch has no errors when building and testing our client artifacts.
			_ Other Tests _
-1 ❌	unit	757m 17s	/patch-unit-root.txt	root in the patch passed.
+1 💚	asflicense	1m 56s		The patch does not generate ASF License warnings.
		1020m 21s

Reason	Tests
Failed junit tests	hadoop.yarn.service.TestYarnNativeServices
	hadoop.yarn.server.resourcemanager.TestRMHA
	hadoop.yarn.server.resourcemanager.webapp.TestRMWebServicesReservation
	hadoop.yarn.server.router.subcluster.fair.TestYarnFederationWithFairScheduler
	hadoop.yarn.sls.appmaster.TestAMSimulator
	hadoop.hdfs.tools.TestDFSAdmin

Subsystem	Report/Notes
Docker	ClientAPI=1.52 ServerAPI=1.52 base: https://ci-hadoop.apache.org/job/hadoop-multibranch/job/PR-8122/2/artifact/out/Dockerfile
GITHUB PR	#8122
Optional Tests	dupname asflicense compile javac javadoc mvninstall mvnsite unit shadedclient codespell detsecrets xmllint shellcheck shelldocs
uname	Linux 7e391a1eac88 5.15.0-160-generic #170-Ubuntu SMP Wed Oct 1 10:06:56 UTC 2025 x86_64 x86_64 x86_64 GNU/Linux
Build tool	maven
Personality	dev-support/bin/hadoop.sh
git revision	trunk / `fb824b7`
Default Java	Ubuntu-17.0.15+6-Ubuntu-0ubuntu120.04
Multi-JDK versions	/usr/lib/jvm/java-21-openjdk-amd64:Ubuntu-21.0.7+6-Ubuntu-0ubuntu120.04 /usr/lib/jvm/java-17-openjdk-amd64:Ubuntu-17.0.15+6-Ubuntu-0ubuntu120.04
Test Results	https://ci-hadoop.apache.org/job/hadoop-multibranch/job/PR-8122/2/testReport/
Max. process+thread count	3810 (vs. ulimit of 5500)
modules	C: hadoop-project . U: .
Console output	https://ci-hadoop.apache.org/job/hadoop-multibranch/job/PR-8122/2/console
versions	git=2.25.1 maven=3.9.11 shellcheck=0.7.0
Powered by	Apache Yetus 0.14.0 https://yetus.apache.org

This message was automatically generated.

hadoop-yetus · 2026-01-02T13:40:26Z

💔 -1 overall

Vote	Subsystem	Runtime	Logfile	Comment
+0 🆗	reexec	1m 4s		Docker mode activated.
			_ Prechecks _
+1 💚	dupname	0m 0s		No case conflicting files found.
+0 🆗	codespell	0m 1s		codespell was not available.
+0 🆗	detsecrets	0m 1s		detect-secrets was not available.
+0 🆗	xmllint	0m 1s		xmllint was not available.
+0 🆗	shelldocs	0m 1s		Shelldocs was not available.
+1 💚	@author	0m 0s		The patch does not contain any @author tags.
-1 ❌	test4tests	0m 0s		The patch doesn't appear to include any new or modified tests. Please justify why no new tests are needed for this patch. Also please list what manual steps were performed to verify this patch.
			_ trunk Compile Tests _
+0 🆗	mvndep	8m 48s		Maven dependency ordering for branch
+1 💚	mvninstall	28m 18s		trunk passed
+1 💚	compile	17m 16s		trunk passed with JDK Ubuntu-21.0.7+6-Ubuntu-0ubuntu120.04
+1 💚	compile	17m 37s		trunk passed with JDK Ubuntu-17.0.15+6-Ubuntu-0ubuntu120.04
-1 ❌	mvnsite	9m 53s	/branch-mvnsite-root.txt	root in trunk failed.
+1 💚	javadoc	9m 59s		trunk passed with JDK Ubuntu-21.0.7+6-Ubuntu-0ubuntu120.04
+1 💚	javadoc	8m 40s		trunk passed with JDK Ubuntu-17.0.15+6-Ubuntu-0ubuntu120.04
+1 💚	shadedclient	43m 49s		branch has no errors when building and testing our client artifacts.
			_ Patch Compile Tests _
+0 🆗	mvndep	0m 31s		Maven dependency ordering for patch
+1 💚	mvninstall	27m 4s		the patch passed
+1 💚	compile	16m 18s		the patch passed with JDK Ubuntu-21.0.7+6-Ubuntu-0ubuntu120.04
+1 💚	javac	16m 18s		the patch passed
+1 💚	compile	17m 41s		the patch passed with JDK Ubuntu-17.0.15+6-Ubuntu-0ubuntu120.04
+1 💚	javac	17m 41s		the patch passed
+1 💚	blanks	0m 0s		The patch has no blanks issues.
-1 ❌	mvnsite	8m 7s	/patch-mvnsite-root.txt	root in the patch failed.
+1 💚	shellcheck	0m 0s		No new issues.
+1 💚	javadoc	10m 18s		the patch passed with JDK Ubuntu-21.0.7+6-Ubuntu-0ubuntu120.04
+1 💚	javadoc	8m 43s		the patch passed with JDK Ubuntu-17.0.15+6-Ubuntu-0ubuntu120.04
+1 💚	shadedclient	46m 37s		patch has no errors when building and testing our client artifacts.
			_ Other Tests _
-1 ❌	unit	758m 37s	/patch-unit-root.txt	root in the patch passed.
+1 💚	asflicense	1m 58s		The patch does not generate ASF License warnings.
		1008m 54s

Reason	Tests
Failed junit tests	hadoop.yarn.service.TestYarnNativeServices
	hadoop.yarn.server.resourcemanager.TestRMHA
	hadoop.yarn.server.resourcemanager.webapp.TestRMWebServicesReservation
	hadoop.yarn.server.router.subcluster.fair.TestYarnFederationWithFairScheduler
	hadoop.yarn.sls.appmaster.TestAMSimulator
	hadoop.hdfs.tools.TestDFSAdmin

Subsystem	Report/Notes
Docker	ClientAPI=1.52 ServerAPI=1.52 base: https://ci-hadoop.apache.org/job/hadoop-multibranch/job/PR-8122/3/artifact/out/Dockerfile
GITHUB PR	#8122
Optional Tests	dupname asflicense compile javac javadoc mvninstall mvnsite unit shadedclient codespell detsecrets xmllint shellcheck shelldocs
uname	Linux e812a926c1f8 5.15.0-160-generic #170-Ubuntu SMP Wed Oct 1 10:06:56 UTC 2025 x86_64 x86_64 x86_64 GNU/Linux
Build tool	maven
Personality	dev-support/bin/hadoop.sh
git revision	trunk / `1d431e8`
Default Java	Ubuntu-17.0.15+6-Ubuntu-0ubuntu120.04
Multi-JDK versions	/usr/lib/jvm/java-21-openjdk-amd64:Ubuntu-21.0.7+6-Ubuntu-0ubuntu120.04 /usr/lib/jvm/java-17-openjdk-amd64:Ubuntu-17.0.15+6-Ubuntu-0ubuntu120.04
Test Results	https://ci-hadoop.apache.org/job/hadoop-multibranch/job/PR-8122/3/testReport/
Max. process+thread count	3904 (vs. ulimit of 5500)
modules	C: hadoop-project . U: .
Console output	https://ci-hadoop.apache.org/job/hadoop-multibranch/job/PR-8122/3/console
versions	git=2.25.1 maven=3.9.11 shellcheck=0.7.0
Powered by	Apache Yetus 0.14.0 https://yetus.apache.org

This message was automatically generated.

slfan1989 · 2026-01-04T07:10:55Z

LICENSE-binary

 hadoop-hdfs-project/hadoop-hdfs/src/main/java/org/apache/hadoop/hdfs/server/datanode/checker/TimeoutFuture.java

-at.yawk.lz4:lz4-java:1.9.0
+at.yawk.lz4:lz4-java:1.10.1


Can we upgrade to at.yawk.lz4:lz4-java:1.10.2 ?

…6566

hadoop-yetus · 2026-01-05T02:19:01Z

💔 -1 overall

Vote	Subsystem	Runtime	Logfile	Comment
+0 🆗	reexec	15m 43s		Docker mode activated.
			_ Prechecks _
+1 💚	dupname	0m 0s		No case conflicting files found.
+0 🆗	codespell	0m 1s		codespell was not available.
+0 🆗	detsecrets	0m 1s		detect-secrets was not available.
+0 🆗	xmllint	0m 1s		xmllint was not available.
+0 🆗	shelldocs	0m 1s		Shelldocs was not available.
+1 💚	@author	0m 0s		The patch does not contain any @author tags.
-1 ❌	test4tests	0m 0s		The patch doesn't appear to include any new or modified tests. Please justify why no new tests are needed for this patch. Also please list what manual steps were performed to verify this patch.
			_ trunk Compile Tests _
+0 🆗	mvndep	8m 7s		Maven dependency ordering for branch
+1 💚	mvninstall	28m 5s		trunk passed
+1 💚	compile	17m 21s		trunk passed with JDK Ubuntu-21.0.7+6-Ubuntu-0ubuntu120.04
+1 💚	compile	17m 28s		trunk passed with JDK Ubuntu-17.0.15+6-Ubuntu-0ubuntu120.04
-1 ❌	mvnsite	9m 44s	/branch-mvnsite-root.txt	root in trunk failed.
+1 💚	javadoc	9m 55s		trunk passed with JDK Ubuntu-21.0.7+6-Ubuntu-0ubuntu120.04
+1 💚	javadoc	8m 43s		trunk passed with JDK Ubuntu-17.0.15+6-Ubuntu-0ubuntu120.04
+1 💚	shadedclient	44m 12s		branch has no errors when building and testing our client artifacts.
			_ Patch Compile Tests _
+0 🆗	mvndep	0m 33s		Maven dependency ordering for patch
+1 💚	mvninstall	27m 7s		the patch passed
+1 💚	compile	16m 38s		the patch passed with JDK Ubuntu-21.0.7+6-Ubuntu-0ubuntu120.04
+1 💚	javac	16m 38s		the patch passed
+1 💚	compile	17m 38s		the patch passed with JDK Ubuntu-17.0.15+6-Ubuntu-0ubuntu120.04
+1 💚	javac	17m 38s		the patch passed
+1 💚	blanks	0m 0s		The patch has no blanks issues.
-1 ❌	mvnsite	7m 46s	/patch-mvnsite-root.txt	root in the patch failed.
+1 💚	shellcheck	0m 0s		No new issues.
+1 💚	javadoc	9m 51s		the patch passed with JDK Ubuntu-21.0.7+6-Ubuntu-0ubuntu120.04
+1 💚	javadoc	8m 44s		the patch passed with JDK Ubuntu-17.0.15+6-Ubuntu-0ubuntu120.04
+1 💚	shadedclient	46m 12s		patch has no errors when building and testing our client artifacts.
			_ Other Tests _
-1 ❌	unit	758m 17s	/patch-unit-root.txt	root in the patch passed.
+1 💚	asflicense	1m 59s		The patch does not generate ASF License warnings.
		1022m 6s

Reason	Tests
Failed junit tests	hadoop.yarn.service.TestYarnNativeServices
	hadoop.yarn.server.resourcemanager.TestRMHA
	hadoop.yarn.server.resourcemanager.webapp.TestRMWebServicesReservation
	hadoop.yarn.server.router.subcluster.fair.TestYarnFederationWithFairScheduler
	hadoop.yarn.server.router.webapp.TestRouterWebServicesREST
	hadoop.yarn.sls.appmaster.TestAMSimulator
	hadoop.hdfs.tools.TestDFSAdmin

Subsystem	Report/Notes
Docker	ClientAPI=1.52 ServerAPI=1.52 base: https://ci-hadoop.apache.org/job/hadoop-multibranch/job/PR-8122/4/artifact/out/Dockerfile
GITHUB PR	#8122
Optional Tests	dupname asflicense compile javac javadoc mvninstall mvnsite unit shadedclient codespell detsecrets xmllint shellcheck shelldocs
uname	Linux f84a2786f981 5.15.0-160-generic #170-Ubuntu SMP Wed Oct 1 10:06:56 UTC 2025 x86_64 x86_64 x86_64 GNU/Linux
Build tool	maven
Personality	dev-support/bin/hadoop.sh
git revision	trunk / `a36bf84`
Default Java	Ubuntu-17.0.15+6-Ubuntu-0ubuntu120.04
Multi-JDK versions	/usr/lib/jvm/java-21-openjdk-amd64:Ubuntu-21.0.7+6-Ubuntu-0ubuntu120.04 /usr/lib/jvm/java-17-openjdk-amd64:Ubuntu-17.0.15+6-Ubuntu-0ubuntu120.04
Test Results	https://ci-hadoop.apache.org/job/hadoop-multibranch/job/PR-8122/4/testReport/
Max. process+thread count	3574 (vs. ulimit of 5500)
modules	C: hadoop-project . U: .
Console output	https://ci-hadoop.apache.org/job/hadoop-multibranch/job/PR-8122/4/console
versions	git=2.25.1 maven=3.9.11 shellcheck=0.7.0
Powered by	Apache Yetus 0.14.0 https://yetus.apache.org

This message was automatically generated.

slfan1989 · 2026-01-09T00:00:32Z

@pjfanning Thanks for the contribution! Could we backport this to the branch-3.4 branch?

github-actions bot added build trunk labels Dec 9, 2025

pjfanning force-pushed the HADOOP-19747-lz4-1.10.1 branch from a132521 to fb824b7 Compare December 19, 2025 15:59

pjfanning force-pushed the HADOOP-19747-lz4-1.10.1 branch from fb824b7 to 1d431e8 Compare January 1, 2026 20:49

slfan1989 reviewed Jan 4, 2026

View reviewed changes

pjfanning added 2 commits January 4, 2026 10:13

HADOOP-19747. Switch to at.yawk.lz4:lz4-java:1.10.1 due to CVE-2025-6…

3330d99

…6566

lz4-java:1.10.2

a36bf84

pjfanning force-pushed the HADOOP-19747-lz4-1.10.1 branch from 1d431e8 to a36bf84 Compare January 4, 2026 09:14

slfan1989 approved these changes Jan 5, 2026

View reviewed changes

slfan1989 changed the title ~~HADOOP-19747. Switch to at.yawk.lz4:lz4-java:1.10.1 due to CVE-2025-66566~~ HADOOP-19747. Switch to at.yawk.lz4:lz4-java:1.10.2 due to CVE-2025-66566 Jan 5, 2026

slfan1989 merged commit 1dab293 into apache:trunk Jan 8, 2026
1 of 5 checks passed

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

HADOOP-19747. Switch to at.yawk.lz4:lz4-java:1.10.2 due to CVE-2025-66566 #8122

HADOOP-19747. Switch to at.yawk.lz4:lz4-java:1.10.2 due to CVE-2025-66566 #8122

pjfanning commented Dec 9, 2025

Uh oh!

hadoop-yetus commented Dec 10, 2025

Uh oh!

hadoop-yetus commented Dec 20, 2025

Uh oh!

hadoop-yetus commented Jan 2, 2026

Uh oh!

slfan1989 Jan 4, 2026

Uh oh!

hadoop-yetus commented Jan 5, 2026

Uh oh!

Uh oh!

slfan1989 commented Jan 9, 2026

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

3 participants

HADOOP-19747. Switch to at.yawk.lz4:lz4-java:1.10.2 due to CVE-2025-66566 #8122

HADOOP-19747. Switch to at.yawk.lz4:lz4-java:1.10.2 due to CVE-2025-66566 #8122

Conversation

pjfanning commented Dec 9, 2025

Description of PR

How was this patch tested?

For code changes:

Uh oh!

hadoop-yetus commented Dec 10, 2025

Uh oh!

hadoop-yetus commented Dec 20, 2025

Uh oh!

hadoop-yetus commented Jan 2, 2026

Uh oh!

slfan1989 Jan 4, 2026

Choose a reason for hiding this comment

Uh oh!

hadoop-yetus commented Jan 5, 2026

Uh oh!

Uh oh!

slfan1989 commented Jan 9, 2026

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

3 participants