[jira] [Updated] (HIVE-23344) Bump org.scala-lang:scala-library version to 2.12.14

Karen Coppage (Jira) Wed, 06 May 2020 07:01:42 -0700


     [ 
https://issues.apache.org/jira/browse/HIVE-23344?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]


Karen Coppage updated HIVE-23344:
---------------------------------
    Description: org.scala-lang:scala-library:jar:2.11.8 has security 
vulnerabilities, e.g. https://snyk.io/vuln/SNYK-JAVA-ORGSCALALANG-31592  (was: 
Lots of 
org.scala-lang:scala-compiler:jar:2.11.0:compile -> 
org.scala-lang:scalap:jar:2.11.0:compile -> 
org.json4s:json4s-core_2.11:jar:3.2.11:compile -> 
org.json4s:json4s-jackson_2.11:jar:3.2.11:compile     -> 
org.apache.spark:spark-core_2.11:jar:2.3.0:compile
Where scala-compiler 2.11.0 is a security vulnerability.

Excluding org.json4s:json4s-jackson_2.11:jar:3.2.11 from spark-core_2 
dependencies.)

> Bump org.scala-lang:scala-library version to 2.12.14
> ----------------------------------------------------
>
>                 Key: HIVE-23344
>                 URL: https://issues.apache.org/jira/browse/HIVE-23344
>             Project: Hive
>          Issue Type: Improvement
>            Reporter: Karen Coppage
>            Assignee: Karen Coppage
>            Priority: Major
>         Attachments: HIVE-23344.01.patch, HIVE-23344.01.patch
>
>
> org.scala-lang:scala-library:jar:2.11.8 has security vulnerabilities, e.g. 
> https://snyk.io/vuln/SNYK-JAVA-ORGSCALALANG-31592



--
This message was sent by Atlassian Jira
(v8.3.4#803005)

[jira] [Updated] (HIVE-23344) Bump org.scala-lang:scala-library version to 2.12.14

Reply via email to