This is an automated email from the ASF dual-hosted git repository. gurwls223 pushed a commit to branch master in repository https://gitbox.apache.org/repos/asf/spark.git
The following commit(s) were added to refs/heads/master by this push: new 875e7e1 [SPARK-27620][BUILD] Upgrade jetty to 9.4.18.v20190429 875e7e1 is described below commit 875e7e1d972b0fcdc948fe906d0da68efbd497b2 Author: Yuming Wang <yumw...@ebay.com> AuthorDate: Fri May 3 09:25:54 2019 +0900 [SPARK-27620][BUILD] Upgrade jetty to 9.4.18.v20190429 ## What changes were proposed in this pull request? This pr upgrade jetty to [9.4.18.v20190429](https://github.com/eclipse/jetty.project/releases/tag/jetty-9.4.18.v20190429) because of [CVE-2019-10247](https://nvd.nist.gov/vuln/detail/CVE-2019-10247). ## How was this patch tested? Existing test. Closes #24513 from wangyum/SPARK-27620. Authored-by: Yuming Wang <yumw...@ebay.com> Signed-off-by: HyukjinKwon <gurwls...@apache.org> --- dev/deps/spark-deps-hadoop-3.2 | 4 ++-- pom.xml | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/dev/deps/spark-deps-hadoop-3.2 b/dev/deps/spark-deps-hadoop-3.2 index fd09e45..643ba2f 100644 --- a/dev/deps/spark-deps-hadoop-3.2 +++ b/dev/deps/spark-deps-hadoop-3.2 @@ -117,8 +117,8 @@ jersey-container-servlet-core-2.22.2.jar jersey-guava-2.22.2.jar jersey-media-jaxb-2.22.2.jar jersey-server-2.22.2.jar -jetty-webapp-9.4.12.v20180830.jar -jetty-xml-9.4.12.v20180830.jar +jetty-webapp-9.4.18.v20190429.jar +jetty-xml-9.4.18.v20190429.jar jline-2.14.6.jar joda-time-2.9.3.jar jodd-core-3.5.2.jar diff --git a/pom.xml b/pom.xml index 62be6d8..f3ba896 100644 --- a/pom.xml +++ b/pom.xml @@ -139,7 +139,7 @@ <orc.classifier>nohive</orc.classifier> <hive.parquet.group>com.twitter</hive.parquet.group> <hive.parquet.version>1.6.0</hive.parquet.version> - <jetty.version>9.4.12.v20180830</jetty.version> + <jetty.version>9.4.18.v20190429</jetty.version> <javaxservlet.version>3.1.0</javaxservlet.version> <chill.version>0.9.3</chill.version> <ivy.version>2.4.0</ivy.version> --------------------------------------------------------------------- To unsubscribe, e-mail: commits-unsubscr...@spark.apache.org For additional commands, e-mail: commits-h...@spark.apache.org