You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@spark.apache.org by "Bjørn Jørgensen (Jira)" <ji...@apache.org> on 2022/08/10 17:27:00 UTC
[jira] [Created] (SPARK-40037) Upgrade com.google.crypto.tink:tink from 1.6.1 to 1.7.0
Bjørn Jørgensen created SPARK-40037:
---------------------------------------
Summary: Upgrade com.google.crypto.tink:tink from 1.6.1 to 1.7.0
Key: SPARK-40037
URL: https://issues.apache.org/jira/browse/SPARK-40037
Project: Spark
Issue Type: Dependency upgrade
Components: Build
Affects Versions: 3.4.0
Reporter: Bjørn Jørgensen
[https://www.cve.org/CVERecord?id=CVE-2022-25647|CVE-2022-25647]
[https://security.snyk.io/vuln/SNYK-JAVA-COMGOOGLECODEGSON-1730327|Info at SNYK]
[https://www.cve.org/CVERecord?id=CVE-2021-22569|CVE-2021-22569]
[https://security.snyk.io/vuln/SNYK-JAVA-COMGOOGLEPROTOBUF-2331703|Info at SNYK]
[https://github.com/google/tink/releases/tag/v1.7.0|releases log]
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
---------------------------------------------------------------------
To unsubscribe, e-mail: issues-unsubscribe@spark.apache.org
For additional commands, e-mail: issues-help@spark.apache.org