[ https://issues.apache.org/jira/browse/SPARK-42922?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Sean R. Owen resolved SPARK-42922. ---------------------------------- Fix Version/s: 3.3.3 3.4.1 3.5.0 Assignee: Mridul Muralidharan Resolution: Fixed Resolved by https://github.com/apache/spark/pull/40568 > Use SecureRandom, instead of Random in security sensitive contexts > ------------------------------------------------------------------ > > Key: SPARK-42922 > URL: https://issues.apache.org/jira/browse/SPARK-42922 > Project: Spark > Issue Type: Bug > Components: SQL > Affects Versions: 3.2.3, 3.3.2, 3.4.0, 3.5.0 > Reporter: Mridul Muralidharan > Assignee: Mridul Muralidharan > Priority: Minor > Fix For: 3.3.3, 3.4.1, 3.5.0 > > > Most uses of Random in spark are either in test cases or where we need a > pseudo random number which is repeatable. > The following are usages where moving from Random to SecureRandom would be > useful > a) HttpAuthUtils.createCookieToken > b) ThriftHttpServlet.RAN -- This message was sent by Atlassian Jira (v8.20.10#820010) --------------------------------------------------------------------- To unsubscribe, e-mail: issues-unsubscr...@spark.apache.org For additional commands, e-mail: issues-h...@spark.apache.org