[
https://issues.apache.org/jira/browse/SPARK-35305?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Dongjoon Hyun resolved SPARK-35305.
-----------------------------------
Resolution: Later
According to the discussion on the PR, we already upgraded Netty library to
remove those vulnerability. So, we don't need to upgrade Zookeeper.
- https://github.com/apache/spark/pull/32572#pullrequestreview-661653211
> Upgrade ZooKeeper to 3.7.0
> --------------------------
>
> Key: SPARK-35305
> URL: https://issues.apache.org/jira/browse/SPARK-35305
> Project: Spark
> Issue Type: Dependency upgrade
> Components: Build
> Affects Versions: 3.2.0
> Reporter: Hari Prasad G
> Priority: Major
>
> Upgrade ZooKeeper to 3.7.0 to fix the vulnerabilities.
> *List of CVE's:*
> * CVE-2021-21295
> * CVE-2021-21290
> * CVE-2021-21409
>
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
---------------------------------------------------------------------
To unsubscribe, e-mail: issues-unsubscr...@spark.apache.org
For additional commands, e-mail: issues-h...@spark.apache.org
