Bjørn Jørgensen created SPARK-40037: ---------------------------------------
Summary: Upgrade com.google.crypto.tink:tink from 1.6.1 to 1.7.0 Key: SPARK-40037 URL: https://issues.apache.org/jira/browse/SPARK-40037 Project: Spark Issue Type: Dependency upgrade Components: Build Affects Versions: 3.4.0 Reporter: Bjørn Jørgensen [https://www.cve.org/CVERecord?id=CVE-2022-25647|CVE-2022-25647] [https://security.snyk.io/vuln/SNYK-JAVA-COMGOOGLECODEGSON-1730327|Info at SNYK] [https://www.cve.org/CVERecord?id=CVE-2021-22569|CVE-2021-22569] [https://security.snyk.io/vuln/SNYK-JAVA-COMGOOGLEPROTOBUF-2331703|Info at SNYK] [https://github.com/google/tink/releases/tag/v1.7.0|releases log] -- This message was sent by Atlassian Jira (v8.20.10#820010) --------------------------------------------------------------------- To unsubscribe, e-mail: issues-unsubscr...@spark.apache.org For additional commands, e-mail: issues-h...@spark.apache.org