Fixed issues in Phoenix
This section lists the issues that have been fixed since the previous version.
- CDPD-10532: Update Log4j to address CVE-2019-17571
-
Replaced Log4j with an internal version to fix CVE-2019-17571.
- CDPD-11333: Update Netty in Phoenix-Hive connector
-
Updated Netty to 4.1.47.Final to fix CVEs in previous versions.
- CDPD-10452: Exclude ZooKeeper and Guava from Curator in Phoenix
-
Harmonize dependencies within CDP.
- CDPD-10312: Update Scala version for Phoenix
-
Scala version updated to 2.11.12. Harmonize dependencies within CDP.
- CDPD-7371: Phoenix - Upgrade to Jetty 9.4.26 to avoid CVEs
- Phoenix now uses Jetty 9.4.26, which addresses the following CVEs: CVE‑2017‑7656, CVE‑2017‑7657,CVE‑2017‑7658, CVE‑2018‑12536, CVE‑2017‑9735, CVE‑2019‑10247.