You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@spark.apache.org by "Hyukjin Kwon (Jira)" <ji...@apache.org> on 2022/01/14 06:01:00 UTC
[jira] [Commented] (SPARK-37883) log4j update to 2.17.1 in spark-core 3.2
[ https://issues.apache.org/jira/browse/SPARK-37883?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17475966#comment-17475966 ]
Hyukjin Kwon commented on SPARK-37883:
--------------------------------------
you should either upgrade to the latest Spark 3.3 when it's released.
> log4j update to 2.17.1 in spark-core 3.2
> ----------------------------------------
>
> Key: SPARK-37883
> URL: https://issues.apache.org/jira/browse/SPARK-37883
> Project: Spark
> Issue Type: Bug
> Components: Security, Spark Core
> Affects Versions: 3.2.0
> Reporter: Setu Agrawal
> Priority: Major
> Labels: https://mvnrepository.com/artifact/org.apache.spark/spark-core_2.12/3.2.0
>
> We are using spark-core jar file, as below
> libraryDependencies += "org.apache.spark" %% "spark-core" % "3.2.0"
> as per maven repository it usgaes log4j older version, which need to be updated latest(2.17.1) to fix security vulenrability, please help us, how we can get update version spark-core, which usages latest updated log4j.
> Thanks
>
>
>
--
This message was sent by Atlassian Jira
(v8.20.1#820001)
---------------------------------------------------------------------
To unsubscribe, e-mail: issues-unsubscribe@spark.apache.org
For additional commands, e-mail: issues-help@spark.apache.org