degant commented on PR #41428: URL: https://github.com/apache/spark/pull/41428#issuecomment-1572919477
Thanks for the reply @dongjoon-hyun. Unfortunately we can't move to Spark 3.4 yet, and need to continue using Spark 3.3. The vulnerability has a score of 9.9 which is why I was requesting that the change be back-ported to Spark 3.3 Since 3.3 is still an actively supported release, doesn't the Apache policy require fixing critical security vulnerabilities? -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected] --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
