diff options
author | Sean Owen <sowen@cloudera.com> | 2016-12-03 09:53:47 +0000 |
---|---|---|
committer | Sean Owen <sowen@cloudera.com> | 2016-12-03 09:53:47 +0000 |
commit | 553aac56bd5284e84391c05e2ef54d8bd7ad3a12 (patch) | |
tree | fd1c9e8c47b0f4769746b0e28e4c9b4cc6229a04 /dev/deps/spark-deps-hadoop-2.7 | |
parent | 7c33b0fd050f3d2b08c1cfd7efbff8166832c1af (diff) | |
download | spark-553aac56bd5284e84391c05e2ef54d8bd7ad3a12.tar.gz spark-553aac56bd5284e84391c05e2ef54d8bd7ad3a12.tar.bz2 spark-553aac56bd5284e84391c05e2ef54d8bd7ad3a12.zip |
[SPARK-18586][BUILD] netty-3.8.0.Final.jar has vulnerability CVE-2014-3488 and CVE-2014-0193
## What changes were proposed in this pull request?
Force update to latest Netty 3.9.x, for dependencies like Flume, to resolve two CVEs. 3.9.2 is the first version that resolves both, and, this is the latest in the 3.9.x line.
## How was this patch tested?
Existing tests
Author: Sean Owen <sowen@cloudera.com>
Closes #16102 from srowen/SPARK-18586.
Diffstat (limited to 'dev/deps/spark-deps-hadoop-2.7')
-rw-r--r-- | dev/deps/spark-deps-hadoop-2.7 | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/dev/deps/spark-deps-hadoop-2.7 b/dev/deps/spark-deps-hadoop-2.7 index b129e5a99e..77fb5370d9 100644 --- a/dev/deps/spark-deps-hadoop-2.7 +++ b/dev/deps/spark-deps-hadoop-2.7 @@ -138,7 +138,7 @@ metrics-json-3.1.2.jar metrics-jvm-3.1.2.jar minlog-1.3.0.jar mx4j-3.0.2.jar -netty-3.8.0.Final.jar +netty-3.9.9.Final.jar netty-all-4.0.42.Final.jar objenesis-2.1.jar opencsv-2.3.jar |