spark git commit: [SPARK-16751] Upgrade derby to 10.12.1.1

[srowen]

Repository: spark
Updated Branches:
  refs/heads/branch-1.6 15abbf9d2 -> b6f607569


[SPARK-16751] Upgrade derby to 10.12.1.1

Version of derby upgraded based on important security info at VersionEye. Test 
scope added so we don't include it in our final package anyway. NB: I think 
this should be backported to all previous releases as it is a security problem 
https://www.versioneye.com/java/org.apache.derby:derby/10.11.1.1

The CVE number is 2015-1832. I also suggest we add a SECURITY tag for JIRAs

Existing tests with the change making sure that we see no new failures. I 
checked derby 10.12.x and not derby 10.11.x is downloaded to our ~/.m2 folder.

I then used dev/make-distribution.sh and checked the dist/jars folder for Spark 
2.0: no derby jar is present.

I don't know if this would also remove it from the assembly jar in our 1.x 
branches.

Author: Adam Roberts <arobe...@uk.ibm.com>

Closes #14379 from a-roberts/patch-4.

(cherry picked from commit 04a2c072d94874f3f7ae9dd94c026e8826a75ccd)
Signed-off-by: Sean Owen <so...@cloudera.com>


Project: http://git-wip-us.apache.org/repos/asf/spark/repo
Commit: http://git-wip-us.apache.org/repos/asf/spark/commit/b6f60756
Tree: http://git-wip-us.apache.org/repos/asf/spark/tree/b6f60756
Diff: http://git-wip-us.apache.org/repos/asf/spark/diff/b6f60756

Branch: refs/heads/branch-1.6
Commit: b6f60756942486a9367b1e7b6bd89ac476576114
Parents: 15abbf9
Author: Adam Roberts <arobe...@uk.ibm.com>
Authored: Fri Jul 29 04:43:01 2016 -0700
Committer: Sean Owen <so...@cloudera.com>
Committed: Fri Jul 29 04:46:24 2016 -0700

----------------------------------------------------------------------
 dev/deps/spark-deps-hadoop-2.2 | 2 +-
 dev/deps/spark-deps-hadoop-2.3 | 2 +-
 dev/deps/spark-deps-hadoop-2.4 | 2 +-
 dev/deps/spark-deps-hadoop-2.6 | 2 +-
 pom.xml                        | 2 +-
 5 files changed, 5 insertions(+), 5 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/spark/blob/b6f60756/dev/deps/spark-deps-hadoop-2.2
----------------------------------------------------------------------
diff --git a/dev/deps/spark-deps-hadoop-2.2 b/dev/deps/spark-deps-hadoop-2.2
index c9cb071..5a99ce7 100644
--- a/dev/deps/spark-deps-hadoop-2.2
+++ b/dev/deps/spark-deps-hadoop-2.2
@@ -53,7 +53,7 @@ curator-recipes-2.4.0.jar
 datanucleus-api-jdo-3.2.6.jar
 datanucleus-core-3.2.10.jar
 datanucleus-rdbms-3.2.9.jar
-derby-10.10.1.1.jar
+derby-10.12.1.1.jar
 eigenbase-properties-1.1.5.jar
 geronimo-annotation_1.0_spec-1.1.1.jar
 geronimo-jaspic_1.0_spec-1.0.jar

http://git-wip-us.apache.org/repos/asf/spark/blob/b6f60756/dev/deps/spark-deps-hadoop-2.3
----------------------------------------------------------------------
diff --git a/dev/deps/spark-deps-hadoop-2.3 b/dev/deps/spark-deps-hadoop-2.3
index ed2d629..88bdddf 100644
--- a/dev/deps/spark-deps-hadoop-2.3
+++ b/dev/deps/spark-deps-hadoop-2.3
@@ -54,7 +54,7 @@ curator-recipes-2.4.0.jar
 datanucleus-api-jdo-3.2.6.jar
 datanucleus-core-3.2.10.jar
 datanucleus-rdbms-3.2.9.jar
-derby-10.10.1.1.jar
+derby-10.12.1.1.jar
 eigenbase-properties-1.1.5.jar
 geronimo-annotation_1.0_spec-1.1.1.jar
 geronimo-jaspic_1.0_spec-1.0.jar

http://git-wip-us.apache.org/repos/asf/spark/blob/b6f60756/dev/deps/spark-deps-hadoop-2.4
----------------------------------------------------------------------
diff --git a/dev/deps/spark-deps-hadoop-2.4 b/dev/deps/spark-deps-hadoop-2.4
index 22a9b8e..956dde8 100644
--- a/dev/deps/spark-deps-hadoop-2.4
+++ b/dev/deps/spark-deps-hadoop-2.4
@@ -54,7 +54,7 @@ curator-recipes-2.4.0.jar
 datanucleus-api-jdo-3.2.6.jar
 datanucleus-core-3.2.10.jar
 datanucleus-rdbms-3.2.9.jar
-derby-10.10.1.1.jar
+derby-10.12.1.1.jar
 eigenbase-properties-1.1.5.jar
 geronimo-annotation_1.0_spec-1.1.1.jar
 geronimo-jaspic_1.0_spec-1.0.jar

http://git-wip-us.apache.org/repos/asf/spark/blob/b6f60756/dev/deps/spark-deps-hadoop-2.6
----------------------------------------------------------------------
diff --git a/dev/deps/spark-deps-hadoop-2.6 b/dev/deps/spark-deps-hadoop-2.6
index 87e6c2a..4bcdf36 100644
--- a/dev/deps/spark-deps-hadoop-2.6
+++ b/dev/deps/spark-deps-hadoop-2.6
@@ -58,7 +58,7 @@ curator-recipes-2.6.0.jar
 datanucleus-api-jdo-3.2.6.jar
 datanucleus-core-3.2.10.jar
 datanucleus-rdbms-3.2.9.jar
-derby-10.10.1.1.jar
+derby-10.12.1.1.jar
 eigenbase-properties-1.1.5.jar
 geronimo-annotation_1.0_spec-1.1.1.jar
 geronimo-jaspic_1.0_spec-1.0.jar

http://git-wip-us.apache.org/repos/asf/spark/blob/b6f60756/pom.xml
----------------------------------------------------------------------
diff --git a/pom.xml b/pom.xml
index d73d5e2..769ebc5 100644
--- a/pom.xml
+++ b/pom.xml
@@ -140,7 +140,7 @@
     <hive.version>1.2.1.spark</hive.version>
     <!-- Version used for internal directory structure -->
     <hive.version.short>1.2.1</hive.version.short>
-    <derby.version>10.10.1.1</derby.version>
+    <derby.version>10.12.1.1</derby.version>
     <parquet.version>1.7.0</parquet.version>
     <hive.parquet.version>1.6.0</hive.parquet.version>
     <jblas.version>1.2.4</jblas.version>


---------------------------------------------------------------------
To unsubscribe, e-mail: commits-unsubscr...@spark.apache.org
For additional commands, e-mail: commits-h...@spark.apache.org