You are viewing a plain text version of this content. The canonical link for it is here.

Posted to commits@spark.apache.org by yu...@apache.org on 2023/06/16 15:50:12 UTC

[spark] branch branch-3.4 updated (d050ff3cf2e -> 89bfb1ffe6c)

This is an automated email from the ASF dual-hosted git repository.

yumwang pushed a change to branch branch-3.4
in repository https://gitbox.apache.org/repos/asf/spark.git


 discard d050ff3cf2e [SPARK-44070][BUILD] Bump snappy-java 1.1.10.1
     new 89bfb1ffe6c [SPARK-44070][BUILD] Bump snappy-java 1.1.10.1

This update added new revisions after undoing existing revisions.
That is to say, some revisions that were in the old version of the
branch are not in the new version.  This situation occurs
when a user --force pushes a change and generates a repository
containing something like this:

 * -- * -- B -- O -- O -- O   (d050ff3cf2e)
            \
             N -- N -- N   refs/heads/branch-3.4 (89bfb1ffe6c)

You should already have received notification emails for all of the O
revisions, and so the following emails describe only the N revisions
from the common base, B.

Any revisions marked "omit" are not gone; other references still
refer to them.  Any revisions marked "discard" are gone forever.

The 1 revisions listed above as "new" are entirely new to this
repository and will be described in separate emails.  The revisions
listed as "add" were already present in the repository and have only
been added to this reference.


Summary of changes:
 dev/deps/spark-deps-hadoop-2-hive-2.3 | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)


---------------------------------------------------------------------
To unsubscribe, e-mail: commits-unsubscribe@spark.apache.org
For additional commands, e-mail: commits-help@spark.apache.org

[spark] 01/01: [SPARK-44070][BUILD] Bump snappy-java 1.1.10.1

Posted by yu...@apache.org.

This is an automated email from the ASF dual-hosted git repository.

yumwang pushed a commit to branch branch-3.4
in repository https://gitbox.apache.org/repos/asf/spark.git

commit 89bfb1ffe6c1df53a307b55ccf87e1a4d265a76a
Author: Yuming Wang <yu...@ebay.com>
AuthorDate: Fri Jun 16 23:49:30 2023 +0800

    [SPARK-44070][BUILD] Bump snappy-java 1.1.10.1
    
    ### What changes were proposed in this pull request?
    
    Bump snappy-java from 1.1.10.0 to 1.1.10.1.
    
    ### Why are the changes needed?
    
    This mostly is a security version, the notable changes are CVE fixing.
    
    - CVE-2023-34453 Integer overflow in shuffle
    - CVE-2023-34454 Integer overflow in compress
    - CVE-2023-34455 Unchecked chunk length
    
    Full changelog: https://github.com/xerial/snappy-java/releases/tag/v1.1.10.1
    
    ### Does this PR introduce _any_ user-facing change?
    
    No.
    
    ### How was this patch tested?
    
    Pass GA.
    
    Closes #41616 from pan3793/SPARK-44070.
    
    Authored-by: Cheng Pan <ch...@apache.org>
    Signed-off-by: Yuming Wang <yu...@ebay.com>
    (cherry picked from commit 0502a42dda4d0822e2572a3d1ae6928d90b792a9)
    Signed-off-by: Yuming Wang <yu...@ebay.com>
---
 dev/deps/spark-deps-hadoop-2-hive-2.3 | 2 +-
 dev/deps/spark-deps-hadoop-3-hive-2.3 | 2 +-
 pom.xml                               | 2 +-
 3 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/dev/deps/spark-deps-hadoop-2-hive-2.3 b/dev/deps/spark-deps-hadoop-2-hive-2.3
index 340f08d5863..358fcda921e 100644
--- a/dev/deps/spark-deps-hadoop-2-hive-2.3
+++ b/dev/deps/spark-deps-hadoop-2-hive-2.3
@@ -248,7 +248,7 @@ scala-xml_2.12/2.1.0//scala-xml_2.12-2.1.0.jar
 shims/0.9.38//shims-0.9.38.jar
 slf4j-api/2.0.6//slf4j-api-2.0.6.jar
 snakeyaml/1.33//snakeyaml-1.33.jar
-snappy-java/1.1.10.0//snappy-java-1.1.10.0.jar
+snappy-java/1.1.10.1//snappy-java-1.1.10.1.jar
 spire-macros_2.12/0.17.0//spire-macros_2.12-0.17.0.jar
 spire-platform_2.12/0.17.0//spire-platform_2.12-0.17.0.jar
 spire-util_2.12/0.17.0//spire-util_2.12-0.17.0.jar
diff --git a/dev/deps/spark-deps-hadoop-3-hive-2.3 b/dev/deps/spark-deps-hadoop-3-hive-2.3
index 5f85a8eae2f..d34ebb1067e 100644
--- a/dev/deps/spark-deps-hadoop-3-hive-2.3
+++ b/dev/deps/spark-deps-hadoop-3-hive-2.3
@@ -235,7 +235,7 @@ scala-xml_2.12/2.1.0//scala-xml_2.12-2.1.0.jar
 shims/0.9.38//shims-0.9.38.jar
 slf4j-api/2.0.6//slf4j-api-2.0.6.jar
 snakeyaml/1.33//snakeyaml-1.33.jar
-snappy-java/1.1.10.0//snappy-java-1.1.10.0.jar
+snappy-java/1.1.10.1//snappy-java-1.1.10.1.jar
 spire-macros_2.12/0.17.0//spire-macros_2.12-0.17.0.jar
 spire-platform_2.12/0.17.0//spire-platform_2.12-0.17.0.jar
 spire-util_2.12/0.17.0//spire-util_2.12-0.17.0.jar
diff --git a/pom.xml b/pom.xml
index e4624ba6c4f..46874dca5b2 100644
--- a/pom.xml
+++ b/pom.xml
@@ -185,7 +185,7 @@
     <codehaus.jackson.version>1.9.13</codehaus.jackson.version>
     <fasterxml.jackson.version>2.14.2</fasterxml.jackson.version>
     <fasterxml.jackson.databind.version>2.14.2</fasterxml.jackson.databind.version>
-    <snappy.version>1.1.10.0</snappy.version>
+    <snappy.version>1.1.10.1</snappy.version>
     <netlib.ludovic.dev.version>3.0.3</netlib.ludovic.dev.version>
     <commons-codec.version>1.15</commons-codec.version>
     <commons-compress.version>1.22</commons-compress.version>


---------------------------------------------------------------------
To unsubscribe, e-mail: commits-unsubscribe@spark.apache.org
For additional commands, e-mail: commits-help@spark.apache.org