You are viewing a plain text version of this content. The canonical link for it is here.

Posted to reviews@spark.apache.org by "bjornjorgensen (via GitHub)" <gi...@apache.org> on 2023/05/24 10:16:59 UTC

[GitHub] [spark] bjornjorgensen commented on pull request #41281: [WIP] update to secure version of fasterxml

bjornjorgensen commented on PR #41281:
URL: https://github.com/apache/spark/pull/41281#issuecomment-1560843908

   How is this "update to secure version of fasterxml" ? 
   
   "this is to fix the vulnerability sonatype-2022-6438" 
   that was fixed in 2.15.0 witch we updated in https://github.com/apache/spark/commit/a4a274c4e4f709765e7a8c687347816d8951a681 
   
   
   This is the change log for 2.15.1 https://github.com/FasterXML/jackson-databind/blob/77789abaecd2e42a3765af5231e252ee62578b18/release-notes/VERSION-2.x#LL17C21-L17C21


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: reviews-unsubscribe@spark.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org


---------------------------------------------------------------------
To unsubscribe, e-mail: reviews-unsubscribe@spark.apache.org
For additional commands, e-mail: reviews-help@spark.apache.org