[ https://issues.apache.org/jira/browse/SPARK-35305?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Dongjoon Hyun resolved SPARK-35305. ----------------------------------- Resolution: Later According to the discussion on the PR, we already upgraded Netty library to remove those vulnerability. So, we don't need to upgrade Zookeeper. - https://github.com/apache/spark/pull/32572#pullrequestreview-661653211 > Upgrade ZooKeeper to 3.7.0 > -------------------------- > > Key: SPARK-35305 > URL: https://issues.apache.org/jira/browse/SPARK-35305 > Project: Spark > Issue Type: Dependency upgrade > Components: Build > Affects Versions: 3.2.0 > Reporter: Hari Prasad G > Priority: Major > > Upgrade ZooKeeper to 3.7.0 to fix the vulnerabilities. > *List of CVE's:* > * CVE-2021-21295 > * CVE-2021-21290 > * CVE-2021-21409 > -- This message was sent by Atlassian Jira (v8.3.4#803005) --------------------------------------------------------------------- To unsubscribe, e-mail: issues-unsubscr...@spark.apache.org For additional commands, e-mail: issues-h...@spark.apache.org