From 45dbc37c94d4e9b2c9ea52e042b6b0fcf8a7611c Mon Sep 17 00:00:00 2001
From: wang_yue111 <648774160@qq.com>
Date: Sat, 26 Jun 2021 09:11:08 +0800
Subject: [PATCH] fix CVE-2019-17195
---
 CVE-2019-17195.patch | 28 ++++++++++++++++++++++++++++
 hadoop.spec | 6 +++++-
 2 files changed, 33 insertions(+), 1 deletion(-)
 create mode 100644 CVE-2019-17195.patch
diff --git a/CVE-2019-17195.patch b/CVE-2019-17195.patch
new file mode 100644
index 0000000..cc0f8ba
--- /dev/null
+++ b/CVE-2019-17195.patch
@@ -0,0 +1,28 @@
+From 26367b6cc7300e96963faff53a68552d13942804 Mon Sep 17 00:00:00 2001
+From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
+Date: Mon, 9 Dec 2019 10:14:44 +0900
+Subject: [PATCH] Bump nimbus-jose-jwt from 4.41.1 to 7.9 (#1682)
+
+Bumps [nimbus-jose-jwt](https://bitbucket.org/connect2id/nimbus-jose-jwt) from 4.41.1 to 7.9.
+- [Changelog](https://bitbucket.org/connect2id/nimbus-jose-jwt/src/master/CHANGELOG.txt)
+- [Commits](https://bitbucket.org/connect2id/nimbus-jose-jwt/branches/compare/7.9..4.41.1)
+
+Signed-off-by: dependabot[bot]
+(cherry picked from commit c1d393a1567cac1bcf71e2e5f252cddffa0f97cc)
+---
+ hadoop-project/pom.xml | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/hadoop-project/pom.xml b/hadoop-project/pom.xml
+index ad9c2138fb6c7..f83b74c2469b0 100644
+--- a/hadoop-project/pom.xml
++++ b/hadoop-project/pom.xml
+@@ -1329,7 +1329,7 @@
+
+ com.nimbusds
+ nimbus-jose-jwt
+- 4.41.1
++ 7.9
+ compile
+
+
diff --git a/hadoop.spec b/hadoop.spec
index 98c855d..c9e3d05 100644
--- a/hadoop.spec
+++ b/hadoop.spec
@@ -11,7 +11,7 @@
 %define _binaries_in_noarch_packages_terminate_build 0
 Name: hadoop
 Version: 3.2.1
-Release: 8
+Release: 9
 Summary: A software platform for processing vast amounts of data
 # The BSD license file is missing
 # https://issues.apache.org/jira/browse/HADOOP-9849
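Review bot: Nothing in the embedded CVE-2019-17195.patch shows that the built package actually ships nimbus-jose-jwt 7.9, because its only change is the version string in hadoop-project/pom.xml. The jump from 4.41.1 crosses three major releases and comes with no source change. The spec lists maven-local in BuildRequires, so the build may resolve artifacts from a local repository where the pinned version is overridden or missing. It is worth checking which nimbus-jose-jwt jar lands in the built RPM and that the JWT-handling modules still compile and pass their tests against the 7.x API. The changelog entry could also record what the fix is, for example `- Fix CVE-2019-17195 (bump nimbus-jose-jwt to 7.9)`.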
@@ -32,6 +32,7 @@ Source11: %{name}-hdfs-site.xml
 Source12: %{name}-mapred-site.xml
 Source13: %{name}-yarn-site.xml
 Patch0: CVE-2020-9492.patch
+Patch1: CVE-2019-17195.patch
 BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root
 BuildRequires: java-1.8.0-openjdk-devel maven hostname maven-local tomcat cmake snappy openssl-devel
@@ -1109,6 +1110,9 @@ fi
 %config(noreplace) %{_sysconfdir}/%{name}/container-executor.cfg
 %changelog
+* Fri Jun 25 2021 wangyue - 3.2.1-9
+- Fix CVE-2019-17195
+
 * Fri May 14 2021 wangyue - 3.2.1-8
 - Fix CVE-2020-9492
-- Gitee
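Review bot: `Patch1: CVE-2019-17195.patch` is declared in the `@@ -32,6 +32,7 @@` hunk, but none of the three hadoop.spec hunks adds a matching apply step to %prep, which lies outside this diff. If %prep uses `%autosetup` or `%autopatch`, the declaration alone is enough. If it applies patches explicitly, as a `%patch0 -p1` line would indicate, add `%patch1 -p1` after it. Without that line, release 3.2.1-9 would be recorded as fixed while still building against nimbus-jose-jwt 4.41.1.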