You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@mnemonic.apache.org by "Wang, Gang (Jira)" <ji...@apache.org> on 2022/03/07 07:48:00 UTC

[jira] [Updated] (MNEMONIC-733) Identified 5 more critical security vulnerabilities

     [ https://issues.apache.org/jira/browse/MNEMONIC-733?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Wang, Gang updated MNEMONIC-733:
--------------------------------
    Description: 
There are still 5 more critical security vulnerabilities which are all introduced by Spark core (org.apache.spark:spark-core_2.11@2.2.0) indirectly, but I cannot find available remediation for that, please check it out [https://mvnrepository.com/artifact/org.apache.spark/spark-core]

so, I suggest temporarily disabling the spark integration module till it got solved and available in Maven repository.

  was:
There are still 5 more critical security vulnerabilities which are all introduced by Spark core (org.apache.spark:spark-core_2.11@2.2.0) indirectly, but I cannot find available remediation for that, please check it out [https://mvnrepository.com/artifact/org.apache.spark/spark-core]

so, I suggest to temporarily disable the spark integration module till it got solved and available in Maven repository.


> Identified 5 more critical security vulnerabilities
> ---------------------------------------------------
>
>                 Key: MNEMONIC-733
>                 URL: https://issues.apache.org/jira/browse/MNEMONIC-733
>             Project: Mnemonic
>          Issue Type: Bug
>          Components: Spark-Integration
>    Affects Versions: 0.17.0
>            Reporter: Wang, Gang
>            Assignee: Wang, Gang
>            Priority: Critical
>             Fix For: 0.17.0
>
>
> There are still 5 more critical security vulnerabilities which are all introduced by Spark core (org.apache.spark:spark-core_2.11@2.2.0) indirectly, but I cannot find available remediation for that, please check it out [https://mvnrepository.com/artifact/org.apache.spark/spark-core]
> so, I suggest temporarily disabling the spark integration module till it got solved and available in Maven repository.



--
This message was sent by Atlassian Jira
(v8.20.1#820001)