Nicholas Marion created SPARK-20393:
---
Summary: Strengthen Spark to prevent XSS vulnerabilities
Key: SPARK-20393
URL: https://issues.apache.org/jira/browse/SPARK-20393
Project: Spark
Issue
Nicholas Marion created SPARK-29011:
---
Summary: Upgrade netty-all to 4.1.39-Final
Key: SPARK-29011
URL: https://issues.apache.org/jira/browse/SPARK-29011
Project: Spark
Issue Type:
[
https://issues.apache.org/jira/browse/SPARK-30466?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17083270#comment-17083270
]
Nicholas Marion commented on SPARK-30466:
-
Also there were two more CVEs opened late last year
[
https://issues.apache.org/jira/browse/SPARK-30466?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17067300#comment-17067300
]
Nicholas Marion commented on SPARK-30466:
-
It is worth noting that the following dependencies
Nicholas Marion created SPARK-33695:
---
Summary: Bump Jackson to 2.10.5 and databind to 2.10.5.1
Key: SPARK-33695
URL: https://issues.apache.org/jira/browse/SPARK-33695
Project: Spark
Issue
[
https://issues.apache.org/jira/browse/SPARK-33695?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Nicholas Marion updated SPARK-33695:
Description: Jackson reported a vulnerability under CVE-2020-25649. The
version pulled in
[
https://issues.apache.org/jira/browse/SPARK-33762?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Nicholas Marion updated SPARK-33762:
Description:
Currently Spark pulls in commons-codec version 2.10 which was released 6
[
https://issues.apache.org/jira/browse/SPARK-33695?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17248107#comment-17248107
]
Nicholas Marion commented on SPARK-33695:
-
[~dongjoon] ,
As a security issue, would this
Nicholas Marion created SPARK-33762:
---
Summary: Bump commons-codec to latest version.
Key: SPARK-33762
URL: https://issues.apache.org/jira/browse/SPARK-33762
Project: Spark
Issue Type:
[
https://issues.apache.org/jira/browse/SPARK-30466?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17737164#comment-17737164
]
Nicholas Marion commented on SPARK-30466:
-
Hive 3.x is planned for Spark 4.x; so hopefully that
10 matches
Mail list logo