[NO ISSUE] Upgrade Hadoop to 3.3.6
Change-Id: Ief6aff3081ada9ab42833bd894ded60f446cb167
Reviewed-on: https://asterix-gerrit.ics.uci.edu/c/asterixdb/+/17837
Integration-Tests: Jenkins <jenkins@fulliautomatix.ics.uci.edu>
Reviewed-by: Hussain Towaileb <hussainht@gmail.com>
Tested-by: Jenkins <jenkins@fulliautomatix.ics.uci.edu>
diff --git a/asterixdb/asterix-external-data/pom.xml b/asterixdb/asterix-external-data/pom.xml
index b3ab6da..de14287 100644
--- a/asterixdb/asterix-external-data/pom.xml
+++ b/asterixdb/asterix-external-data/pom.xml
@@ -541,16 +541,6 @@
<groupId>io.netty</groupId>
<artifactId>netty-handler-proxy</artifactId>
</dependency>
- <!-- TODO(htowaileb): removed from hadoop transitively and added separately to avoid CVEs, can
- be removed once upgraded to hadoop 3.3.4 as it addresses the CVEs -->
- <dependency>
- <groupId>org.eclipse.jetty</groupId>
- <artifactId>jetty-util</artifactId>
- </dependency>
- <dependency>
- <groupId>org.eclipse.jetty</groupId>
- <artifactId>jetty-util-ajax</artifactId>
- </dependency>
<!-- Manually included to avoid CVE-2023-1370 -->
<dependency>
<groupId>net.minidev</groupId>
diff --git a/asterixdb/pom.xml b/asterixdb/pom.xml
index 730d27b..b2d8831 100644
--- a/asterixdb/pom.xml
+++ b/asterixdb/pom.xml
@@ -84,7 +84,7 @@
<!-- Versions under dependencymanagement or used in many projects via properties -->
<algebricks.version>0.3.8-SNAPSHOT</algebricks.version>
<hyracks.version>0.3.8-SNAPSHOT</hyracks.version>
- <hadoop.version>3.3.4</hadoop.version>
+ <hadoop.version>3.3.6</hadoop.version>
<jacoco.version>0.7.6.201602180812</jacoco.version>
<log4j.version>2.19.0</log4j.version>
<awsjavasdk.version>2.17.218</awsjavasdk.version>
@@ -1005,14 +1005,9 @@
<groupId>org.slf4j</groupId>
<artifactId>slf4j-log4j12</artifactId>
</exclusion>
- <!-- TODO(htowaileb): Remove after updating to hadoop 3.3.4 -->
<exclusion>
- <groupId>org.eclipse.jetty</groupId>
- <artifactId>jetty-util</artifactId>
- </exclusion>
- <exclusion>
- <groupId>org.eclipse.jetty</groupId>
- <artifactId>jetty-util-ajax</artifactId>
+ <groupId>ch.qos.reload4j</groupId>
+ <artifactId>reload4j</artifactId>
</exclusion>
</exclusions>
</dependency>
@@ -1081,15 +1076,6 @@
<groupId>javax.ws.rs</groupId>
<artifactId>jsr311-api</artifactId>
</exclusion>
- <!-- TODO(htowaileb): Remove after updating to hadoop 3.3.4 -->
- <exclusion>
- <groupId>org.eclipse.jetty</groupId>
- <artifactId>jetty-util</artifactId>
- </exclusion>
- <exclusion>
- <groupId>org.eclipse.jetty</groupId>
- <artifactId>jetty-util-ajax</artifactId>
- </exclusion>
</exclusions>
</dependency>
<dependency>
@@ -1137,14 +1123,9 @@
<groupId>org.slf4j</groupId>
<artifactId>slf4j-log4j12</artifactId>
</exclusion>
- <!-- TODO(htowaileb): Remove after updating to hadoop 3.3.4 -->
<exclusion>
- <groupId>org.eclipse.jetty</groupId>
- <artifactId>jetty-util</artifactId>
- </exclusion>
- <exclusion>
- <groupId>org.eclipse.jetty</groupId>
- <artifactId>jetty-util-ajax</artifactId>
+ <groupId>ch.qos.reload4j</groupId>
+ <artifactId>reload4j</artifactId>
</exclusion>
</exclusions>
</dependency>
@@ -1173,11 +1154,6 @@
<groupId>org.jline</groupId>
<artifactId>jline</artifactId>
</exclusion>
- <!-- TODO(htowaileb): Remove after updating to hadoop 3.3.4 -->
- <exclusion>
- <groupId>org.eclipse.jetty</groupId>
- <artifactId>jetty-util</artifactId>
- </exclusion>
</exclusions>
</dependency>
<dependency>
@@ -1216,14 +1192,9 @@
<groupId>org.slf4j</groupId>
<artifactId>slf4j-log4j12</artifactId>
</exclusion>
- <!-- TODO(htowaileb): Remove after updating to hadoop 3.3.4 -->
<exclusion>
- <groupId>org.eclipse.jetty</groupId>
- <artifactId>jetty-util</artifactId>
- </exclusion>
- <exclusion>
- <groupId>org.eclipse.jetty</groupId>
- <artifactId>jetty-util-ajax</artifactId>
+ <groupId>ch.qos.reload4j</groupId>
+ <artifactId>reload4j</artifactId>
</exclusion>
</exclusions>
</dependency>
@@ -1249,14 +1220,9 @@
<groupId>org.slf4j</groupId>
<artifactId>slf4j-log4j12</artifactId>
</exclusion>
- <!-- TODO(htowaileb): Remove after updating to hadoop 3.3.4 -->
<exclusion>
- <groupId>org.eclipse.jetty</groupId>
- <artifactId>jetty-util</artifactId>
- </exclusion>
- <exclusion>
- <groupId>org.eclipse.jetty</groupId>
- <artifactId>jetty-util-ajax</artifactId>
+ <groupId>ch.qos.reload4j</groupId>
+ <artifactId>reload4j</artifactId>
</exclusion>
</exclusions>
</dependency>
@@ -1991,32 +1957,8 @@
<groupId>org.apache.hadoop</groupId>
<artifactId>hadoop-azure</artifactId>
<version>${hadoop.version}</version>
- <exclusions>
- <!-- TODO(htowaileb): Remove after updating to hadoop 3.3.4 -->
- <exclusion>
- <groupId>org.eclipse.jetty</groupId>
- <artifactId>jetty-util</artifactId>
- </exclusion>
- <exclusion>
- <groupId>org.eclipse.jetty</groupId>
- <artifactId>jetty-util-ajax</artifactId>
- </exclusion>
- </exclusions>
</dependency>
<!-- Hadoop Azure end -->
-
- <!-- TODO(htowaileb): removed from hadoop transitively and added separately to avoid CVEs, can
- be removed once upgraded to hadoop 3.3.4 as it addresses the CVEs -->
- <dependency>
- <groupId>org.eclipse.jetty</groupId>
- <artifactId>jetty-util</artifactId>
- <version>9.4.48.v20220622</version>
- </dependency>
- <dependency>
- <groupId>org.eclipse.jetty</groupId>
- <artifactId>jetty-util-ajax</artifactId>
- <version>9.4.48.v20220622</version>
- </dependency>
</dependencies>
</dependencyManagement>
diff --git a/hyracks-fullstack/hyracks/hyracks-hdfs/pom.xml b/hyracks-fullstack/hyracks/hyracks-hdfs/pom.xml
index 816746c..2010653 100644
--- a/hyracks-fullstack/hyracks/hyracks-hdfs/pom.xml
+++ b/hyracks-fullstack/hyracks/hyracks-hdfs/pom.xml
@@ -163,15 +163,6 @@
<groupId>org.slf4j</groupId>
<artifactId>slf4j-log4j12</artifactId>
</exclusion>
- <!-- TODO(htowaileb): Remove after updating to hadoop 3.3.4 -->
- <exclusion>
- <groupId>org.eclipse.jetty</groupId>
- <artifactId>jetty-util</artifactId>
- </exclusion>
- <exclusion>
- <groupId>org.eclipse.jetty</groupId>
- <artifactId>jetty-util-ajax</artifactId>
- </exclusion>
</exclusions>
</dependency>
<dependency>
@@ -198,11 +189,6 @@
<groupId>org.slf4j</groupId>
<artifactId>slf4j-log4j12</artifactId>
</exclusion>
- <!-- TODO(htowaileb): Remove after updating to hadoop 3.3.4 -->
- <exclusion>
- <groupId>org.eclipse.jetty</groupId>
- <artifactId>jetty-util</artifactId>
- </exclusion>
</exclusions>
</dependency>
<dependency>
diff --git a/hyracks-fullstack/pom.xml b/hyracks-fullstack/pom.xml
index 86a0ad7..4b625e5 100644
--- a/hyracks-fullstack/pom.xml
+++ b/hyracks-fullstack/pom.xml
@@ -70,7 +70,7 @@
<test.includes>${global.test.includes}</test.includes>
<test.excludes>${global.test.excludes}</test.excludes>
<!-- Versions under dependencymanagement or used in many projects via properties -->
- <hadoop.version>3.3.1</hadoop.version>
+ <hadoop.version>3.3.6</hadoop.version>
<jacoco.version>0.7.6.201602180812</jacoco.version>
<log4j.version>2.19.0</log4j.version>
<snappy.version>1.1.8.4</snappy.version>
@@ -192,15 +192,6 @@
<groupId>org.slf4j</groupId>
<artifactId>slf4j-log4j12</artifactId>
</exclusion>
- <!-- TODO(htowaileb): Remove after updating to hadoop 3.3.4 -->
- <exclusion>
- <groupId>org.eclipse.jetty</groupId>
- <artifactId>jetty-util</artifactId>
- </exclusion>
- <exclusion>
- <groupId>org.eclipse.jetty</groupId>
- <artifactId>jetty-util-ajax</artifactId>
- </exclusion>
</exclusions>
</dependency>
<dependency>
@@ -216,15 +207,6 @@
<groupId>log4j</groupId>
<artifactId>log4j</artifactId>
</exclusion>
- <!-- TODO(htowaileb): Remove after updating to hadoop 3.3.4 -->
- <exclusion>
- <groupId>org.eclipse.jetty</groupId>
- <artifactId>jetty-util</artifactId>
- </exclusion>
- <exclusion>
- <groupId>org.eclipse.jetty</groupId>
- <artifactId>jetty-util-ajax</artifactId>
- </exclusion>
</exclusions>
</dependency>
<dependency>
@@ -236,28 +218,12 @@
<groupId>log4j</groupId>
<artifactId>log4j</artifactId>
</exclusion>
- <!-- TODO(htowaileb): Remove after updating to hadoop 3.3.4 -->
- <exclusion>
- <groupId>org.eclipse.jetty</groupId>
- <artifactId>jetty-util</artifactId>
- </exclusion>
- <exclusion>
- <groupId>org.eclipse.jetty</groupId>
- <artifactId>jetty-util-ajax</artifactId>
- </exclusion>
</exclusions>
</dependency>
<dependency>
<groupId>org.apache.hadoop</groupId>
<artifactId>hadoop-mapreduce-client-core</artifactId>
<version>${hadoop.version}</version>
- <!-- TODO(htowaileb): Remove after updating to hadoop 3.3.4 -->
- <exclusions>
- <exclusion>
- <groupId>org.eclipse.jetty</groupId>
- <artifactId>jetty-util</artifactId>
- </exclusion>
- </exclusions>
</dependency>
<dependency>
<groupId>org.apache.hadoop</groupId>
@@ -270,11 +236,6 @@
<groupId>log4j</groupId>
<artifactId>log4j</artifactId>
</exclusion>
- <!-- TODO(htowaileb): Remove after updating to hadoop 3.3.4 -->
- <exclusion>
- <groupId>org.eclipse.jetty</groupId>
- <artifactId>jetty-util</artifactId>
- </exclusion>
</exclusions>
</dependency>
<dependency>
@@ -469,18 +430,6 @@
<artifactId>snappy-java</artifactId>
<version>${snappy.version}</version>
</dependency>
- <!-- TODO(htowaileb): removed from hadoop transitively and added separately to avoid CVEs, can
- be removed once upgraded to hadoop 3.3.4 as it addresses the CVEs -->
- <dependency>
- <groupId>org.eclipse.jetty</groupId>
- <artifactId>jetty-util</artifactId>
- <version>9.4.48.v20220622</version>
- </dependency>
- <dependency>
- <groupId>org.eclipse.jetty</groupId>
- <artifactId>jetty-util-ajax</artifactId>
- <version>9.4.48.v20220622</version>
- </dependency>
<!-- Manually included to avoid CVE-2023-1370 -->
<dependency>
<groupId>net.minidev</groupId>