diff options
| author | Sean Owen <sowen@cloudera.com> | 2015-11-18 08:59:20 +0000 |
|---|---|---|
| committer | Sean Owen <sowen@cloudera.com> | 2015-11-18 08:59:20 +0000 |
| commit | 9631ca35275b0ce8a5219f975907ac36ed11f528 (patch) | |
| tree | 22c480ce9774b44acf54b7292231401d3273ef5a /pom.xml | |
| parent | e62820c85fe02c70f9ed51b2e68d41ff8cfecd40 (diff) | |
| download | spark-9631ca35275b0ce8a5219f975907ac36ed11f528.tar.gz spark-9631ca35275b0ce8a5219f975907ac36ed11f528.tar.bz2 spark-9631ca35275b0ce8a5219f975907ac36ed11f528.zip | |
[SPARK-11652][CORE] Remote code execution with InvokerTransformer
Update to Commons Collections 3.2.2 to avoid any potential remote code execution vulnerability
Author: Sean Owen <sowen@cloudera.com>
Closes #9731 from srowen/SPARK-11652.
Diffstat (limited to 'pom.xml')
| -rw-r--r-- | pom.xml | 7 |
1 files changed, 7 insertions, 0 deletions
@@ -162,6 +162,8 @@ <!-- commons-httpclient/commons-httpclient--> <httpclient.classic.version>3.1</httpclient.classic.version> <commons.math3.version>3.4.1</commons.math3.version> + <!-- managed up from 3.2.1 for SPARK-11652 --> + <commons.collections.version>3.2.2</commons.collections.version> <scala.version>2.10.5</scala.version> <scala.binary.version>2.10</scala.binary.version> <jline.version>${scala.version}</jline.version> @@ -476,6 +478,11 @@ <version>${commons.math3.version}</version> </dependency> <dependency> + <groupId>org.apache.commons</groupId> + <artifactId>commons-collections</artifactId> + <version>${commons.collections.version}</version> + </dependency> + <dependency> <groupId>org.apache.ivy</groupId> <artifactId>ivy</artifactId> <version>${ivy.version}</version> |