[TEZ-4426][CVE-2018-1000620] Upgrade cryptiles from 2.0.5 to 4.1.2 #227

Merged


amanraj2520
Contributor

@tez-yetus

🎊 +1 overall

| Vote | Subsystem | Runtime | Comment |
|:----:|----------:|--------:|:--------|
| +0 🆗 | reexec | 14m 36s | Docker mode activated. |
| | | | _ Prechecks _ |
| +1 💚 | dupname | 0m 0s | No case conflicting files found. |
| +1 💚 | @author | 0m 0s | The patch does not contain any @author tags. |
| | | | _ master Compile Tests _ |
| | | | _ Patch Compile Tests _ |
| +1 💚 | whitespace | 0m 0s | The patch has no whitespace issues. |
| | | | _ Other Tests _ |
| +1 💚 | asflicense | 1m 0s | The patch does not generate ASF License warnings. |
| | | 16m 17s | |

| Subsystem | Report/Notes |
|----------:|:-------------|
| Docker | ClientAPI=1.41 ServerAPI=1.41 base: https://ci-hadoop.apache.org/job/tez-multibranch/job/PR-227/1/artifact/out/Dockerfile |
| GITHUB PR | #227 |
| Optional Tests | dupname asflicense |
| uname | Linux 83cda3c308ad 4.15.0-112-generic #113-Ubuntu SMP Thu Jul 9 23:41:39 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux |
| Build tool | maven |
| Personality | personality/tez.sh |
| git revision | master / 5f181ea |
| Max. process+thread count | 51 (vs. ulimit of 5500) |
| modules | C: tez-ui U: tez-ui |
| Console output | https://ci-hadoop.apache.org/job/tez-multibranch/job/PR-227/1/console |
| versions | git=2.25.1 maven=3.6.3 |
| Powered by | Apache Yetus 0.12.0 https://yetus.apache.org |

This message was automatically generated.

…needs nodeVersion >= 8.9.0 as denoted in the build stack trace.
@amanraj2520
Contributor Author

The version of node that cryptiles 4.1.2 needs is >= 8.9.0 but we cannot use the current LTS version of node since the build is throwing the following error:

```
(node:9989) [DEP0005] DeprecationWarning: Buffer() is deprecated due to security and usability issues. Please use the Buffer.alloc(), Buffer.allocUnsafe(), or Buffer.from() methods instead.
$ TMPDIR=tmp node/node ./node_modules/ember-cli/bin/ember build -prod
ember[10004]: ../src/node_contextify.cc:627:static void node::contextify::ContextifyScript::New(const v8::FunctionCallbackInfo<v8::Value>&): Assertion `args[1]->IsString()' failed.
```

If we want to fix this error, we need to fix all the occurrences of new Buffer(string) with Buffer.alloc(), which can be a huge change.

### Also the max version of node in which the build works perfectly is 9.11.2

So to summarize, if we want to upgrade cryptiles to 4.1.2 without any code changes related to Buffer, we need to use nodeVersion >= 8.9.0 and nodeVersion <= 9.11.2. That's why I have used version 8.9.0 for now.
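
An added example, not part of this PR or the Tez code base: a small Node.js scanner that inventories deprecated `Buffer(...)` constructor calls to size the DEP0005 migration discussed in the comment above, choosing `Buffer.from` for content arguments and `Buffer.alloc` for size arguments. The sample source lines are constructed, and `scan`, `summarize` and `replacementFor` are hypothetical helper names.

```javascript
'use strict';

// Finds `new Buffer(` and bare `Buffer(` calls and captures the first argument.
// `Buffer.from(` / `Buffer.alloc(` do not match because "." follows "Buffer".
const CALL = /(?:\bnew\s+)?\bBuffer\s*\(\s*([^,)]*)/g;

// The deprecated constructor is overloaded: a number allocates that many
// bytes, while a string or array copies its content. Pick the explicit API.
function replacementFor(firstArg) {
  if (/^\d+$/.test(firstArg)) return 'Buffer.alloc';   // size literal
  if (/^['"`\[]/.test(firstArg)) return 'Buffer.from'; // string/array literal
  return 'review'; // variable or expression: type unknown statically
}

// Returns one finding per call site: { line, arg, replacement }.
function scan(source) {
  const findings = [];
  source.split('\n').forEach((text, i) => {
    for (const m of text.matchAll(CALL)) {
      const arg = m[1].trim();
      findings.push({ line: i + 1, arg, replacement: replacementFor(arg) });
    }
  });
  return findings;
}

// Counts findings per replacement kind to estimate the size of the change.
function summarize(findings) {
  const counts = { 'Buffer.from': 0, 'Buffer.alloc': 0, review: 0 };
  for (const f of findings) counts[f.replacement] += 1;
  return counts;
}

// Constructed sample source, not taken from tez-ui or its dependencies.
const SAMPLE = [
  "var key = new Buffer('c2VjcmV0', 'base64');",
  'var pad = new Buffer(16);',
  'var copy = Buffer(input);',
  "var ok = Buffer.from('already migrated');",
  'var bytes = new Buffer([1, 2, 3]);',
].join('\n');

console.log(scan(SAMPLE));
console.log(summarize(scan(SAMPLE)));
```

Call sites reported as `review` take a value whose type is not visible statically, so the choice between copying content and allocating a size has to be made by reading the caller.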

@amanraj2520
Contributor Author

@guptanikhil007 Can you please approve this change?

@tez-yetus

💔 -1 overall

| Vote | Subsystem | Runtime | Comment |
|:----:|----------:|--------:|:--------|
| +0 🆗 | reexec | 0m 35s | Docker mode activated. |
| | | | _ Prechecks _ |
| +1 💚 | dupname | 0m 0s | No case conflicting files found. |
| +1 💚 | @author | 0m 0s | The patch does not contain any @author tags. |
| -1 ❌ | test4tests | 0m 0s | The patch doesn't appear to include any new or modified tests. Please justify why no new tests are needed for this patch. Also please list what manual steps were performed to verify this patch. |
| | | | _ master Compile Tests _ |
| +1 💚 | mvninstall | 16m 48s | master passed |
| +1 💚 | compile | 1m 13s | master passed with JDK Private Build-11.0.15+10-Ubuntu-0ubuntu0.20.04.1 |
| +1 💚 | compile | 1m 6s | master passed with JDK Private Build-1.8.0_312-8u312-b07-0ubuntu1~20.04-b07 |
| +1 💚 | javadoc | 0m 59s | master passed with JDK Private Build-11.0.15+10-Ubuntu-0ubuntu0.20.04.1 |
| +1 💚 | javadoc | 0m 35s | master passed with JDK Private Build-1.8.0_312-8u312-b07-0ubuntu1~20.04-b07 |
| | | | _ Patch Compile Tests _ |
| +1 💚 | mvninstall | 1m 31s | the patch passed |
| +1 💚 | compile | 1m 6s | the patch passed with JDK Private Build-11.0.15+10-Ubuntu-0ubuntu0.20.04.1 |
| +1 💚 | javac | 1m 5s | the patch passed |
| +1 💚 | compile | 1m 7s | the patch passed with JDK Private Build-1.8.0_312-8u312-b07-0ubuntu1~20.04-b07 |
| +1 💚 | javac | 1m 7s | the patch passed |
| +1 💚 | whitespace | 0m 0s | The patch has no whitespace issues. |
| +1 💚 | xml | 0m 1s | The patch has no ill-formed XML file. |
| +1 💚 | javadoc | 0m 35s | the patch passed with JDK Private Build-11.0.15+10-Ubuntu-0ubuntu0.20.04.1 |
| +1 💚 | javadoc | 0m 33s | the patch passed with JDK Private Build-1.8.0_312-8u312-b07-0ubuntu1~20.04-b07 |
| | | | _ Other Tests _ |
| +1 💚 | unit | 2m 8s | tez-ui in the patch passed. |
| +1 💚 | asflicense | 0m 45s | The patch does not generate ASF License warnings. |
| | | 30m 15s | |

| Subsystem | Report/Notes |
|----------:|:-------------|
| Docker | ClientAPI=1.41 ServerAPI=1.41 base: https://ci-hadoop.apache.org/job/tez-multibranch/job/PR-227/2/artifact/out/Dockerfile |
| GITHUB PR | #227 |
| Optional Tests | dupname asflicense javac javadoc unit xml compile |
| uname | Linux ac6de03894a2 4.15.0-112-generic #113-Ubuntu SMP Thu Jul 9 23:41:39 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux |
| Build tool | maven |
| Personality | personality/tez.sh |
| git revision | master / 5f181ea |
| Default Java | Private Build-1.8.0_312-8u312-b07-0ubuntu1~20.04-b07 |
| Multi-JDK versions | /usr/lib/jvm/java-11-openjdk-amd64:Private Build-11.0.15+10-Ubuntu-0ubuntu0.20.04.1 /usr/lib/jvm/java-8-openjdk-amd64:Private Build-1.8.0_312-8u312-b07-0ubuntu1~20.04-b07 |
| Test Results | https://ci-hadoop.apache.org/job/tez-multibranch/job/PR-227/2/testReport/ |
| Max. process+thread count | 95 (vs. ulimit of 5500) |
| modules | C: tez-ui U: tez-ui |
| Console output | https://ci-hadoop.apache.org/job/tez-multibranch/job/PR-227/2/console |
| versions | git=2.25.1 maven=3.6.3 |
| Powered by | Apache Yetus 0.12.0 https://yetus.apache.org |

This message was automatically generated.

@abstractdog
Contributor

with addendum patch nodejs was properly downloaded, module was successfully built, +1

@abstractdog abstractdog self-requested a review June 21, 2022 07:40
@abstractdog abstractdog merged commit adcc313 into apache:master Jun 21, 2022