[jira] [Commented] (SPARK-40037) Upgrade com.google.crypto.tink:tink from 1.6.1 to 1.7.0

Apache Spark (Jira) Wed, 10 Aug 2022 15:03:06 -0700


    [ 
https://issues.apache.org/jira/browse/SPARK-40037?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17578168#comment-17578168
 ]


Apache Spark commented on SPARK-40037:
--------------------------------------

User 'bjornjorgensen' has created a pull request for this issue:
https://github.com/apache/spark/pull/37473

> Upgrade com.google.crypto.tink:tink from 1.6.1 to 1.7.0
> -------------------------------------------------------
>
>                 Key: SPARK-40037
>                 URL: https://issues.apache.org/jira/browse/SPARK-40037
>             Project: Spark
>          Issue Type: Dependency upgrade
>          Components: Build
>    Affects Versions: 3.4.0
>            Reporter: Bjørn Jørgensen
>            Priority: Major
>
> [CVE-2022-25647|https://www.cve.org/CVERecord?id=CVE-2022-25647]
> [Info at 
> SNYK|https://security.snyk.io/vuln/SNYK-JAVA-COMGOOGLECODEGSON-1730327]
> [CVE-2021-22569|https://www.cve.org/CVERecord?id=CVE-2021-22569]
> [Info at 
> SNYK|https://security.snyk.io/vuln/SNYK-JAVA-COMGOOGLEPROTOBUF-2331703]
> [releases log|https://github.com/google/tink/releases/tag/v1.7.0]



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

---------------------------------------------------------------------
To unsubscribe, e-mail: issues-unsubscr...@spark.apache.org
For additional commands, e-mail: issues-h...@spark.apache.org

[jira] [Commented] (SPARK-40037) Upgrade com.google.crypto.tink:tink from 1.6.1 to 1.7.0

Reply via email to