Repository: spark Updated Branches: refs/heads/branch-1.4 149c4a06d -> 073c89f06
[SPARK-11652][CORE] Remote code execution with InvokerTransformer Update to Commons Collections 3.2.2 to avoid any potential remote code execution vulnerability Author: Sean Owen <[email protected]> Closes #9731 from srowen/SPARK-11652. (cherry picked from commit 9631ca35275b0ce8a5219f975907ac36ed11f528) Signed-off-by: Sean Owen <[email protected]> Project: http://git-wip-us.apache.org/repos/asf/spark/repo Commit: http://git-wip-us.apache.org/repos/asf/spark/commit/073c89f0 Tree: http://git-wip-us.apache.org/repos/asf/spark/tree/073c89f0 Diff: http://git-wip-us.apache.org/repos/asf/spark/diff/073c89f0 Branch: refs/heads/branch-1.4 Commit: 073c89f06f1b0a7b8651d90abf81e15e42f17c5c Parents: 149c4a0 Author: Sean Owen <[email protected]> Authored: Wed Nov 18 08:59:20 2015 +0000 Committer: Sean Owen <[email protected]> Committed: Wed Nov 18 09:06:13 2015 +0000 ---------------------------------------------------------------------- pom.xml | 7 +++++++ 1 file changed, 7 insertions(+) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/spark/blob/073c89f0/pom.xml ---------------------------------------------------------------------- diff --git a/pom.xml b/pom.xml index 5666281..73de689 100644 --- a/pom.xml +++ b/pom.xml @@ -152,6 +152,8 @@ <aws.kinesis.client.version>1.2.1</aws.kinesis.client.version> <commons.httpclient.version>4.3.2</commons.httpclient.version> <commons.math3.version>3.4.1</commons.math3.version> + <!-- managed up from 3.2.1 for SPARK-11652 --> + <commons.collections.version>3.2.2</commons.collections.version> <test_classpath_file>${project.build.directory}/spark-test-classpath.txt</test_classpath_file> <scala.version>2.10.4</scala.version> <scala.binary.version>2.10</scala.binary.version> @@ -419,6 +421,11 @@ <version>${commons.math3.version}</version> </dependency> <dependency> + <groupId>org.apache.commons</groupId> + <artifactId>commons-collections</artifactId> + <version>${commons.collections.version}</version> + </dependency> + <dependency> <groupId>org.apache.ivy</groupId> <artifactId>ivy</artifactId> <version>${ivy.version}</version> --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
