[
https://issues.apache.org/jira/browse/SPARK-35054?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17337470#comment-17337470
]
Dongjoon Hyun commented on SPARK-35054:
---------------------------------------
[~jainshasha]. We recommend to use the latest Java version always. Our document
only says that `Java 8 prior to version 8u92 support` is deprecated which means
we don't support it.
Maintaining OS/Java or choosing OS/Java at users' docker images are beyond of
the scope of Apache Spark project activity.
> Getting Critical Vulnerability CVE-2021-20231 on spark 3.0.0 branch
> -------------------------------------------------------------------
>
> Key: SPARK-35054
> URL: https://issues.apache.org/jira/browse/SPARK-35054
> Project: Spark
> Issue Type: Bug
> Components: Spark Core
> Affects Versions: 3.0.0
> Reporter: Shashank Jain
> Priority: Major
> Attachments: spark_docker.rtf
>
>
> Currently while running Trivy Scan on Spark build we are getting the
> following critical vulnerability
> CVE-2021-20231
> CVE-2021-20232
> How to fix these vulnerabilities in spark 3.0.0 branch ?
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
