You are viewing a plain text version of this content. The canonical link for it is here.

Posted to issues@spark.apache.org by "Bjørn Jørgensen (Jira)" <ji...@apache.org> on 2022/08/10 17:27:00 UTC

[jira] [Created] (SPARK-40037) Upgrade com.google.crypto.tink:tink from 1.6.1 to 1.7.0

Bjørn Jørgensen created SPARK-40037:
---------------------------------------

             Summary: Upgrade com.google.crypto.tink:tink from 1.6.1 to 1.7.0
                 Key: SPARK-40037
                 URL: https://issues.apache.org/jira/browse/SPARK-40037
             Project: Spark
          Issue Type: Dependency upgrade
          Components: Build
    Affects Versions: 3.4.0
            Reporter: Bjørn Jørgensen


[https://www.cve.org/CVERecord?id=CVE-2022-25647|CVE-2022-25647]  

[https://security.snyk.io/vuln/SNYK-JAVA-COMGOOGLECODEGSON-1730327|Info at SNYK]

[https://www.cve.org/CVERecord?id=CVE-2021-22569|CVE-2021-22569]

[https://security.snyk.io/vuln/SNYK-JAVA-COMGOOGLEPROTOBUF-2331703|Info at SNYK]

[https://github.com/google/tink/releases/tag/v1.7.0|releases log]



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

---------------------------------------------------------------------
To unsubscribe, e-mail: issues-unsubscribe@spark.apache.org
For additional commands, e-mail: issues-help@spark.apache.org