Repository: spark-website Updated Branches: refs/heads/asf-site 442b04535 -> fc8a00df0
Added JIRA to CVEs on security page Project: http://git-wip-us.apache.org/repos/asf/spark-website/repo Commit: http://git-wip-us.apache.org/repos/asf/spark-website/commit/fc8a00df Tree: http://git-wip-us.apache.org/repos/asf/spark-website/tree/fc8a00df Diff: http://git-wip-us.apache.org/repos/asf/spark-website/diff/fc8a00df Branch: refs/heads/asf-site Commit: fc8a00df0fd243bb19efbb312a115b37e4626b6e Parents: 442b045 Author: Sean Owen <so...@cloudera.com> Authored: Fri Sep 15 22:11:19 2017 +0100 Committer: Sean Owen <so...@cloudera.com> Committed: Fri Sep 15 22:12:08 2017 +0100 ---------------------------------------------------------------------- security.md | 4 ++++ site/security.html | 4 ++++ 2 files changed, 8 insertions(+) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/spark-website/blob/fc8a00df/security.md ---------------------------------------------------------------------- diff --git a/security.md b/security.md index c5e6dbd..e33bab1 100644 --- a/security.md +++ b/security.md @@ -19,6 +19,8 @@ non-public list that will reach the Spark PMC. Messages to `secur...@apache.org` <h3 id="CVE-2017-12612">CVE-2017-12612 Unsafe deserialization in Apache Spark launcher API</h3> +JIRA: [SPARK-20922](https://issues.apache.org/jira/browse/SPARK-20922) + Severity: Medium Vendor: The Apache Software Foundation @@ -44,6 +46,8 @@ Credit: <h3 id="CVE-2017-7678">CVE-2017-7678 Apache Spark XSS web UI MHTML vulnerability</h3> +JIRA: [SPARK-20393](https://issues.apache.org/jira/browse/SPARK-20393) + Severity: Low Vendor: The Apache Software Foundation http://git-wip-us.apache.org/repos/asf/spark-website/blob/fc8a00df/site/security.html ---------------------------------------------------------------------- diff --git a/site/security.html b/site/security.html index 6d57e11..41e1589 100644 --- a/site/security.html +++ b/site/security.html @@ -206,6 +206,8 @@ non-public list that will reach the Spark PMC. Messages to <code>security@apache <h3 id="CVE-2017-12612">CVE-2017-12612 Unsafe deserialization in Apache Spark launcher API</h3> +<p>JIRA: <a href="https://issues.apache.org/jira/browse/SPARK-20922">SPARK-20922</a></p> + <p>Severity: Medium</p> <p>Vendor: The Apache Software Foundation</p> @@ -233,6 +235,8 @@ Update to Apache Spark 2.2.0 or later.</p> <h3 id="CVE-2017-7678">CVE-2017-7678 Apache Spark XSS web UI MHTML vulnerability</h3> +<p>JIRA: <a href="https://issues.apache.org/jira/browse/SPARK-20393">SPARK-20393</a></p> + <p>Severity: Low</p> <p>Vendor: The Apache Software Foundation</p> --------------------------------------------------------------------- To unsubscribe, e-mail: commits-unsubscr...@spark.apache.org For additional commands, e-mail: commits-h...@spark.apache.org