Hi Owen
As confirmed with our firm appsec team, given the library is still being used
in spark3.3.1. Also I can see the dependency as below:
https://github.com/apache/spark/blob/v3.3.1/pom.xml#L1784
Something misunderstanding? appreciate if you could clarify more, thanks.
Regards
Harper
From:
Please read the CVE you mention. It is not a CVE about the library you are
referencing.
https://nvd.nist.gov/vuln/detail/CVE-2018-14721
On Thu, Dec 15, 2022 at 7:52 PM haibo.w...@morganstanley.com <
haibo.w...@morganstanley.com> wrote:
> Hi Owen
>
>
>
> As confirmed with our firm appsec team,
UNSUBSCRIBE
Hmm, did you mean spark.*driver*.extraClassPath? That is very odd then - if
you check the logs directory for the driver (on the cluster) I think there
should be a launch container log, where you can see the exact command used
to start the JVM (at the very end), and a line starting "export
Do you mean, when is branch 3.0.x EOL? It was EOL around the end of 2021.
But there were releases 3.0.2 and 3.0.3 beyond 3.0.1, so not clear what you
mean by support for 3.0.1.
On Thu, Dec 15, 2022 at 9:53 AM Pranav Kumar (EXT)
wrote:
> Hi Team,
>
>
>
> Could you please help us to know when
Hi Team,
Could you please help us to know when version 3.0.1 for Apache spark is going
to be EOS? Till when we are going to get fixes for the version 3.0.1.
Regards,
Pranav