This is an automated email from the ASF dual-hosted git repository. gurwls223 pushed a commit to branch master in repository https://gitbox.apache.org/repos/asf/spark.git
The following commit(s) were added to refs/heads/master by this push: new ad81ba83971 [SPARK-39125][BUILD] Upgrade netty to 4.1.77 and netty-tcnative ad81ba83971 is described below commit ad81ba839713374b2ef9ea2f0f18e83578584188 Author: bjornjorgensen <bjornjorgen...@gmail.com> AuthorDate: Mon May 9 10:35:49 2022 +0900 [SPARK-39125][BUILD] Upgrade netty to 4.1.77 and netty-tcnative ### What changes were proposed in this pull request? Upgrade netty to 4.1.77.Final and netty-tcnative to 2.0.52.Final ### Why are the changes needed? [security.snyk.io](https://security.snyk.io/vuln/SNYK-JAVA-IONETTY-2812456) "Note: To be vulnerable, a victim application has to run on a Unix-like operating system, and with Java 6 or below." So we dont need to have this. But its nice to have.. ### Does this PR introduce _any_ user-facing change? No. ### How was this patch tested? Pass CI test Closes #36482 from bjornjorgensen/Upgrade-Netty-to-4.1.77. Authored-by: bjornjorgensen <bjornjorgen...@gmail.com> Signed-off-by: Hyukjin Kwon <gurwls...@apache.org> --- dev/deps/spark-deps-hadoop-2-hive-2.3 | 30 +++++++++++++++--------------- dev/deps/spark-deps-hadoop-3-hive-2.3 | 30 +++++++++++++++--------------- pom.xml | 4 ++-- 3 files changed, 32 insertions(+), 32 deletions(-) diff --git a/dev/deps/spark-deps-hadoop-2-hive-2.3 b/dev/deps/spark-deps-hadoop-2-hive-2.3 index 935340a890e..091ef889d9d 100644 --- a/dev/deps/spark-deps-hadoop-2-hive-2.3 +++ b/dev/deps/spark-deps-hadoop-2-hive-2.3 @@ -200,21 +200,21 @@ metrics-jmx/4.2.7//metrics-jmx-4.2.7.jar metrics-json/4.2.7//metrics-json-4.2.7.jar metrics-jvm/4.2.7//metrics-jvm-4.2.7.jar minlog/1.3.0//minlog-1.3.0.jar -netty-all/4.1.76.Final//netty-all-4.1.76.Final.jar -netty-buffer/4.1.76.Final//netty-buffer-4.1.76.Final.jar -netty-codec/4.1.76.Final//netty-codec-4.1.76.Final.jar -netty-common/4.1.76.Final//netty-common-4.1.76.Final.jar -netty-handler/4.1.76.Final//netty-handler-4.1.76.Final.jar -netty-resolver/4.1.76.Final//netty-resolver-4.1.76.Final.jar -netty-tcnative-classes/2.0.51.Final//netty-tcnative-classes-2.0.51.Final.jar -netty-transport-classes-epoll/4.1.76.Final//netty-transport-classes-epoll-4.1.76.Final.jar -netty-transport-classes-kqueue/4.1.76.Final//netty-transport-classes-kqueue-4.1.76.Final.jar -netty-transport-native-epoll/4.1.76.Final/linux-aarch_64/netty-transport-native-epoll-4.1.76.Final-linux-aarch_64.jar -netty-transport-native-epoll/4.1.76.Final/linux-x86_64/netty-transport-native-epoll-4.1.76.Final-linux-x86_64.jar -netty-transport-native-kqueue/4.1.76.Final/osx-aarch_64/netty-transport-native-kqueue-4.1.76.Final-osx-aarch_64.jar -netty-transport-native-kqueue/4.1.76.Final/osx-x86_64/netty-transport-native-kqueue-4.1.76.Final-osx-x86_64.jar -netty-transport-native-unix-common/4.1.76.Final//netty-transport-native-unix-common-4.1.76.Final.jar -netty-transport/4.1.76.Final//netty-transport-4.1.76.Final.jar +netty-all/4.1.77.Final//netty-all-4.1.77.Final.jar +netty-buffer/4.1.77.Final//netty-buffer-4.1.77.Final.jar +netty-codec/4.1.77.Final//netty-codec-4.1.77.Final.jar +netty-common/4.1.77.Final//netty-common-4.1.77.Final.jar +netty-handler/4.1.77.Final//netty-handler-4.1.77.Final.jar +netty-resolver/4.1.77.Final//netty-resolver-4.1.77.Final.jar +netty-tcnative-classes/2.0.52.Final//netty-tcnative-classes-2.0.52.Final.jar +netty-transport-classes-epoll/4.1.77.Final//netty-transport-classes-epoll-4.1.77.Final.jar +netty-transport-classes-kqueue/4.1.77.Final//netty-transport-classes-kqueue-4.1.77.Final.jar +netty-transport-native-epoll/4.1.77.Final/linux-aarch_64/netty-transport-native-epoll-4.1.77.Final-linux-aarch_64.jar +netty-transport-native-epoll/4.1.77.Final/linux-x86_64/netty-transport-native-epoll-4.1.77.Final-linux-x86_64.jar +netty-transport-native-kqueue/4.1.77.Final/osx-aarch_64/netty-transport-native-kqueue-4.1.77.Final-osx-aarch_64.jar +netty-transport-native-kqueue/4.1.77.Final/osx-x86_64/netty-transport-native-kqueue-4.1.77.Final-osx-x86_64.jar +netty-transport-native-unix-common/4.1.77.Final//netty-transport-native-unix-common-4.1.77.Final.jar +netty-transport/4.1.77.Final//netty-transport-4.1.77.Final.jar objenesis/3.2//objenesis-3.2.jar okhttp/3.12.12//okhttp-3.12.12.jar okio/1.14.0//okio-1.14.0.jar diff --git a/dev/deps/spark-deps-hadoop-3-hive-2.3 b/dev/deps/spark-deps-hadoop-3-hive-2.3 index e8c7a25281b..88df21498b4 100644 --- a/dev/deps/spark-deps-hadoop-3-hive-2.3 +++ b/dev/deps/spark-deps-hadoop-3-hive-2.3 @@ -186,21 +186,21 @@ metrics-jmx/4.2.7//metrics-jmx-4.2.7.jar metrics-json/4.2.7//metrics-json-4.2.7.jar metrics-jvm/4.2.7//metrics-jvm-4.2.7.jar minlog/1.3.0//minlog-1.3.0.jar -netty-all/4.1.76.Final//netty-all-4.1.76.Final.jar -netty-buffer/4.1.76.Final//netty-buffer-4.1.76.Final.jar -netty-codec/4.1.76.Final//netty-codec-4.1.76.Final.jar -netty-common/4.1.76.Final//netty-common-4.1.76.Final.jar -netty-handler/4.1.76.Final//netty-handler-4.1.76.Final.jar -netty-resolver/4.1.76.Final//netty-resolver-4.1.76.Final.jar -netty-tcnative-classes/2.0.51.Final//netty-tcnative-classes-2.0.51.Final.jar -netty-transport-classes-epoll/4.1.76.Final//netty-transport-classes-epoll-4.1.76.Final.jar -netty-transport-classes-kqueue/4.1.76.Final//netty-transport-classes-kqueue-4.1.76.Final.jar -netty-transport-native-epoll/4.1.76.Final/linux-aarch_64/netty-transport-native-epoll-4.1.76.Final-linux-aarch_64.jar -netty-transport-native-epoll/4.1.76.Final/linux-x86_64/netty-transport-native-epoll-4.1.76.Final-linux-x86_64.jar -netty-transport-native-kqueue/4.1.76.Final/osx-aarch_64/netty-transport-native-kqueue-4.1.76.Final-osx-aarch_64.jar -netty-transport-native-kqueue/4.1.76.Final/osx-x86_64/netty-transport-native-kqueue-4.1.76.Final-osx-x86_64.jar -netty-transport-native-unix-common/4.1.76.Final//netty-transport-native-unix-common-4.1.76.Final.jar -netty-transport/4.1.76.Final//netty-transport-4.1.76.Final.jar +netty-all/4.1.77.Final//netty-all-4.1.77.Final.jar +netty-buffer/4.1.77.Final//netty-buffer-4.1.77.Final.jar +netty-codec/4.1.77.Final//netty-codec-4.1.77.Final.jar +netty-common/4.1.77.Final//netty-common-4.1.77.Final.jar +netty-handler/4.1.77.Final//netty-handler-4.1.77.Final.jar +netty-resolver/4.1.77.Final//netty-resolver-4.1.77.Final.jar +netty-tcnative-classes/2.0.52.Final//netty-tcnative-classes-2.0.52.Final.jar +netty-transport-classes-epoll/4.1.77.Final//netty-transport-classes-epoll-4.1.77.Final.jar +netty-transport-classes-kqueue/4.1.77.Final//netty-transport-classes-kqueue-4.1.77.Final.jar +netty-transport-native-epoll/4.1.77.Final/linux-aarch_64/netty-transport-native-epoll-4.1.77.Final-linux-aarch_64.jar +netty-transport-native-epoll/4.1.77.Final/linux-x86_64/netty-transport-native-epoll-4.1.77.Final-linux-x86_64.jar +netty-transport-native-kqueue/4.1.77.Final/osx-aarch_64/netty-transport-native-kqueue-4.1.77.Final-osx-aarch_64.jar +netty-transport-native-kqueue/4.1.77.Final/osx-x86_64/netty-transport-native-kqueue-4.1.77.Final-osx-x86_64.jar +netty-transport-native-unix-common/4.1.77.Final//netty-transport-native-unix-common-4.1.77.Final.jar +netty-transport/4.1.77.Final//netty-transport-4.1.77.Final.jar objenesis/3.2//objenesis-3.2.jar okhttp/3.12.12//okhttp-3.12.12.jar okio/1.14.0//okio-1.14.0.jar diff --git a/pom.xml b/pom.xml index b808f37bdae..68bd7cd5cb0 100644 --- a/pom.xml +++ b/pom.xml @@ -204,8 +204,8 @@ <!-- When upgrading `netty.version`, need to check whether the version of `netty-tcnative-classes.version` also needs to be upgraded --> - <netty.version>4.1.76.Final</netty.version> - <netty-tcnative-classes.version>2.0.51.Final</netty-tcnative-classes.version> + <netty.version>4.1.77.Final</netty.version> + <netty-tcnative-classes.version>2.0.52.Final</netty-tcnative-classes.version> <!-- If you are changing Arrow version specification, please check ./python/pyspark/sql/pandas/utils.py, and ./python/setup.py too. --------------------------------------------------------------------- To unsubscribe, e-mail: commits-unsubscr...@spark.apache.org For additional commands, e-mail: commits-h...@spark.apache.org