This is an automated email from the ASF dual-hosted git repository.
gurwls223 pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/spark.git
The following commit(s) were added to refs/heads/master by this push:
new ad81ba83971 [SPARK-39125][BUILD] Upgrade netty to 4.1.77 and
netty-tcnative
ad81ba83971 is described below
commit ad81ba839713374b2ef9ea2f0f18e83578584188
Author: bjornjorgensen <[email protected]>
AuthorDate: Mon May 9 10:35:49 2022 +0900
[SPARK-39125][BUILD] Upgrade netty to 4.1.77 and netty-tcnative
### What changes were proposed in this pull request?
Upgrade netty to 4.1.77.Final and netty-tcnative to 2.0.52.Final
### Why are the changes needed?
[security.snyk.io](https://security.snyk.io/vuln/SNYK-JAVA-IONETTY-2812456)
"Note: To be vulnerable, a victim application has to run on a Unix-like
operating system, and with Java 6 or below."
So we dont need to have this. But its nice to have..
### Does this PR introduce _any_ user-facing change?
No.
### How was this patch tested?
Pass CI test
Closes #36482 from bjornjorgensen/Upgrade-Netty-to-4.1.77.
Authored-by: bjornjorgensen <[email protected]>
Signed-off-by: Hyukjin Kwon <[email protected]>
---
dev/deps/spark-deps-hadoop-2-hive-2.3 | 30 +++++++++++++++---------------
dev/deps/spark-deps-hadoop-3-hive-2.3 | 30 +++++++++++++++---------------
pom.xml | 4 ++--
3 files changed, 32 insertions(+), 32 deletions(-)
diff --git a/dev/deps/spark-deps-hadoop-2-hive-2.3
b/dev/deps/spark-deps-hadoop-2-hive-2.3
index 935340a890e..091ef889d9d 100644
--- a/dev/deps/spark-deps-hadoop-2-hive-2.3
+++ b/dev/deps/spark-deps-hadoop-2-hive-2.3
@@ -200,21 +200,21 @@ metrics-jmx/4.2.7//metrics-jmx-4.2.7.jar
metrics-json/4.2.7//metrics-json-4.2.7.jar
metrics-jvm/4.2.7//metrics-jvm-4.2.7.jar
minlog/1.3.0//minlog-1.3.0.jar
-netty-all/4.1.76.Final//netty-all-4.1.76.Final.jar
-netty-buffer/4.1.76.Final//netty-buffer-4.1.76.Final.jar
-netty-codec/4.1.76.Final//netty-codec-4.1.76.Final.jar
-netty-common/4.1.76.Final//netty-common-4.1.76.Final.jar
-netty-handler/4.1.76.Final//netty-handler-4.1.76.Final.jar
-netty-resolver/4.1.76.Final//netty-resolver-4.1.76.Final.jar
-netty-tcnative-classes/2.0.51.Final//netty-tcnative-classes-2.0.51.Final.jar
-netty-transport-classes-epoll/4.1.76.Final//netty-transport-classes-epoll-4.1.76.Final.jar
-netty-transport-classes-kqueue/4.1.76.Final//netty-transport-classes-kqueue-4.1.76.Final.jar
-netty-transport-native-epoll/4.1.76.Final/linux-aarch_64/netty-transport-native-epoll-4.1.76.Final-linux-aarch_64.jar
-netty-transport-native-epoll/4.1.76.Final/linux-x86_64/netty-transport-native-epoll-4.1.76.Final-linux-x86_64.jar
-netty-transport-native-kqueue/4.1.76.Final/osx-aarch_64/netty-transport-native-kqueue-4.1.76.Final-osx-aarch_64.jar
-netty-transport-native-kqueue/4.1.76.Final/osx-x86_64/netty-transport-native-kqueue-4.1.76.Final-osx-x86_64.jar
-netty-transport-native-unix-common/4.1.76.Final//netty-transport-native-unix-common-4.1.76.Final.jar
-netty-transport/4.1.76.Final//netty-transport-4.1.76.Final.jar
+netty-all/4.1.77.Final//netty-all-4.1.77.Final.jar
+netty-buffer/4.1.77.Final//netty-buffer-4.1.77.Final.jar
+netty-codec/4.1.77.Final//netty-codec-4.1.77.Final.jar
+netty-common/4.1.77.Final//netty-common-4.1.77.Final.jar
+netty-handler/4.1.77.Final//netty-handler-4.1.77.Final.jar
+netty-resolver/4.1.77.Final//netty-resolver-4.1.77.Final.jar
+netty-tcnative-classes/2.0.52.Final//netty-tcnative-classes-2.0.52.Final.jar
+netty-transport-classes-epoll/4.1.77.Final//netty-transport-classes-epoll-4.1.77.Final.jar
+netty-transport-classes-kqueue/4.1.77.Final//netty-transport-classes-kqueue-4.1.77.Final.jar
+netty-transport-native-epoll/4.1.77.Final/linux-aarch_64/netty-transport-native-epoll-4.1.77.Final-linux-aarch_64.jar
+netty-transport-native-epoll/4.1.77.Final/linux-x86_64/netty-transport-native-epoll-4.1.77.Final-linux-x86_64.jar
+netty-transport-native-kqueue/4.1.77.Final/osx-aarch_64/netty-transport-native-kqueue-4.1.77.Final-osx-aarch_64.jar
+netty-transport-native-kqueue/4.1.77.Final/osx-x86_64/netty-transport-native-kqueue-4.1.77.Final-osx-x86_64.jar
+netty-transport-native-unix-common/4.1.77.Final//netty-transport-native-unix-common-4.1.77.Final.jar
+netty-transport/4.1.77.Final//netty-transport-4.1.77.Final.jar
objenesis/3.2//objenesis-3.2.jar
okhttp/3.12.12//okhttp-3.12.12.jar
okio/1.14.0//okio-1.14.0.jar
diff --git a/dev/deps/spark-deps-hadoop-3-hive-2.3
b/dev/deps/spark-deps-hadoop-3-hive-2.3
index e8c7a25281b..88df21498b4 100644
--- a/dev/deps/spark-deps-hadoop-3-hive-2.3
+++ b/dev/deps/spark-deps-hadoop-3-hive-2.3
@@ -186,21 +186,21 @@ metrics-jmx/4.2.7//metrics-jmx-4.2.7.jar
metrics-json/4.2.7//metrics-json-4.2.7.jar
metrics-jvm/4.2.7//metrics-jvm-4.2.7.jar
minlog/1.3.0//minlog-1.3.0.jar
-netty-all/4.1.76.Final//netty-all-4.1.76.Final.jar
-netty-buffer/4.1.76.Final//netty-buffer-4.1.76.Final.jar
-netty-codec/4.1.76.Final//netty-codec-4.1.76.Final.jar
-netty-common/4.1.76.Final//netty-common-4.1.76.Final.jar
-netty-handler/4.1.76.Final//netty-handler-4.1.76.Final.jar
-netty-resolver/4.1.76.Final//netty-resolver-4.1.76.Final.jar
-netty-tcnative-classes/2.0.51.Final//netty-tcnative-classes-2.0.51.Final.jar
-netty-transport-classes-epoll/4.1.76.Final//netty-transport-classes-epoll-4.1.76.Final.jar
-netty-transport-classes-kqueue/4.1.76.Final//netty-transport-classes-kqueue-4.1.76.Final.jar
-netty-transport-native-epoll/4.1.76.Final/linux-aarch_64/netty-transport-native-epoll-4.1.76.Final-linux-aarch_64.jar
-netty-transport-native-epoll/4.1.76.Final/linux-x86_64/netty-transport-native-epoll-4.1.76.Final-linux-x86_64.jar
-netty-transport-native-kqueue/4.1.76.Final/osx-aarch_64/netty-transport-native-kqueue-4.1.76.Final-osx-aarch_64.jar
-netty-transport-native-kqueue/4.1.76.Final/osx-x86_64/netty-transport-native-kqueue-4.1.76.Final-osx-x86_64.jar
-netty-transport-native-unix-common/4.1.76.Final//netty-transport-native-unix-common-4.1.76.Final.jar
-netty-transport/4.1.76.Final//netty-transport-4.1.76.Final.jar
+netty-all/4.1.77.Final//netty-all-4.1.77.Final.jar
+netty-buffer/4.1.77.Final//netty-buffer-4.1.77.Final.jar
+netty-codec/4.1.77.Final//netty-codec-4.1.77.Final.jar
+netty-common/4.1.77.Final//netty-common-4.1.77.Final.jar
+netty-handler/4.1.77.Final//netty-handler-4.1.77.Final.jar
+netty-resolver/4.1.77.Final//netty-resolver-4.1.77.Final.jar
+netty-tcnative-classes/2.0.52.Final//netty-tcnative-classes-2.0.52.Final.jar
+netty-transport-classes-epoll/4.1.77.Final//netty-transport-classes-epoll-4.1.77.Final.jar
+netty-transport-classes-kqueue/4.1.77.Final//netty-transport-classes-kqueue-4.1.77.Final.jar
+netty-transport-native-epoll/4.1.77.Final/linux-aarch_64/netty-transport-native-epoll-4.1.77.Final-linux-aarch_64.jar
+netty-transport-native-epoll/4.1.77.Final/linux-x86_64/netty-transport-native-epoll-4.1.77.Final-linux-x86_64.jar
+netty-transport-native-kqueue/4.1.77.Final/osx-aarch_64/netty-transport-native-kqueue-4.1.77.Final-osx-aarch_64.jar
+netty-transport-native-kqueue/4.1.77.Final/osx-x86_64/netty-transport-native-kqueue-4.1.77.Final-osx-x86_64.jar
+netty-transport-native-unix-common/4.1.77.Final//netty-transport-native-unix-common-4.1.77.Final.jar
+netty-transport/4.1.77.Final//netty-transport-4.1.77.Final.jar
objenesis/3.2//objenesis-3.2.jar
okhttp/3.12.12//okhttp-3.12.12.jar
okio/1.14.0//okio-1.14.0.jar
diff --git a/pom.xml b/pom.xml
index b808f37bdae..68bd7cd5cb0 100644
--- a/pom.xml
+++ b/pom.xml
@@ -204,8 +204,8 @@
<!-- When upgrading `netty.version`, need to check whether
the version of `netty-tcnative-classes.version` also needs to be
upgraded
-->
- <netty.version>4.1.76.Final</netty.version>
-
<netty-tcnative-classes.version>2.0.51.Final</netty-tcnative-classes.version>
+ <netty.version>4.1.77.Final</netty.version>
+
<netty-tcnative-classes.version>2.0.52.Final</netty-tcnative-classes.version>
<!--
If you are changing Arrow version specification, please check
./python/pyspark/sql/pandas/utils.py, and ./python/setup.py too.
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
