[SPARK-18586][BUILD] netty-3.8.0.Final.jar has vulnerability CVE-2014-3488 and CVE-2014-0193

## What changes were proposed in this pull request? Force update to latest Netty 3.9.x, for dependencies like Flume, to resolve two CVEs. 3.9.2 is the first version that resolves both, and, this is the latest in the 3.9.x line. ## How was this patch tested? Existing tests Author: Sean Owen <sowen@cloudera.com> Closes #16102 from srowen/SPARK-18586.
author: Sean Owen <sowen@cloudera.com> 2016-12-03 09:53:47 +0000
committer: Sean Owen <sowen@cloudera.com> 2016-12-03 09:53:47 +0000
commit: 553aac56bd5284e84391c05e2ef54d8bd7ad3a12 (patch)
tree: fd1c9e8c47b0f4769746b0e28e4c9b4cc6229a04 /pom.xml
parent: 7c33b0fd050f3d2b08c1cfd7efbff8166832c1af (diff)
download: spark-553aac56bd5284e84391c05e2ef54d8bd7ad3a12.tar.gz
spark-553aac56bd5284e84391c05e2ef54d8bd7ad3a12.tar.bz2
spark-553aac56bd5284e84391c05e2ef54d8bd7ad3a12.zip
1 files changed, 1 insertions, 1 deletions
diff --git a/pom.xml b/pom.xml
index 33c8dcbb4f..2e67364d3e 100644
--- a/pom.xml
+++ b/pom.xml
@@ -557,7 +557,7 @@
       <dependency>
         <groupId>io.netty</groupId>
         <artifactId>netty</artifactId>
-        <version>3.8.0.Final</version>
+        <version>3.9.9.Final</version>
       </dependency>
       <dependency>
         <groupId>org.apache.derby</groupId>
author	Sean Owen <sowen@cloudera.com>	2016-12-03 09:53:47 +0000
committer	Sean Owen <sowen@cloudera.com>	2016-12-03 09:53:47 +0000
commit	553aac56bd5284e84391c05e2ef54d8bd7ad3a12 (patch)
tree	fd1c9e8c47b0f4769746b0e28e4c9b4cc6229a04 /pom.xml
parent	7c33b0fd050f3d2b08c1cfd7efbff8166832c1af (diff)
download	spark-553aac56bd5284e84391c05e2ef54d8bd7ad3a12.tar.gz spark-553aac56bd5284e84391c05e2ef54d8bd7ad3a12.tar.bz2 spark-553aac56bd5284e84391c05e2ef54d8bd7ad3a12.zip