[spark] branch master updated: [SPARK-27620][BUILD] Upgrade jetty to 9.4.18.v20190429

Thu, 02 May 2019 17:26:37 -0700 

This is an automated email from the ASF dual-hosted git repository.

gurwls223 pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/spark.git


The following commit(s) were added to refs/heads/master by this push:
     new 875e7e1  [SPARK-27620][BUILD] Upgrade jetty to 9.4.18.v20190429
875e7e1 is described below

commit 875e7e1d972b0fcdc948fe906d0da68efbd497b2
Author: Yuming Wang <yumw...@ebay.com>
AuthorDate: Fri May 3 09:25:54 2019 +0900

    [SPARK-27620][BUILD] Upgrade jetty to 9.4.18.v20190429
    
    ## What changes were proposed in this pull request?
    
    This pr upgrade jetty to 
[9.4.18.v20190429](https://github.com/eclipse/jetty.project/releases/tag/jetty-9.4.18.v20190429)
 because of [CVE-2019-10247](https://nvd.nist.gov/vuln/detail/CVE-2019-10247).
    
    ## How was this patch tested?
    
    Existing test.
    
    Closes #24513 from wangyum/SPARK-27620.
    
    Authored-by: Yuming Wang <yumw...@ebay.com>
    Signed-off-by: HyukjinKwon <gurwls...@apache.org>
---
 dev/deps/spark-deps-hadoop-3.2 | 4 ++--
 pom.xml                        | 2 +-
 2 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/dev/deps/spark-deps-hadoop-3.2 b/dev/deps/spark-deps-hadoop-3.2
index fd09e45..643ba2f 100644
--- a/dev/deps/spark-deps-hadoop-3.2
+++ b/dev/deps/spark-deps-hadoop-3.2
@@ -117,8 +117,8 @@ jersey-container-servlet-core-2.22.2.jar
 jersey-guava-2.22.2.jar
 jersey-media-jaxb-2.22.2.jar
 jersey-server-2.22.2.jar
-jetty-webapp-9.4.12.v20180830.jar
-jetty-xml-9.4.12.v20180830.jar
+jetty-webapp-9.4.18.v20190429.jar
+jetty-xml-9.4.18.v20190429.jar
 jline-2.14.6.jar
 joda-time-2.9.3.jar
 jodd-core-3.5.2.jar
diff --git a/pom.xml b/pom.xml
index 62be6d8..f3ba896 100644
--- a/pom.xml
+++ b/pom.xml
@@ -139,7 +139,7 @@
     <orc.classifier>nohive</orc.classifier>
     <hive.parquet.group>com.twitter</hive.parquet.group>
     <hive.parquet.version>1.6.0</hive.parquet.version>
-    <jetty.version>9.4.12.v20180830</jetty.version>
+    <jetty.version>9.4.18.v20190429</jetty.version>
     <javaxservlet.version>3.1.0</javaxservlet.version>
     <chill.version>0.9.3</chill.version>
     <ivy.version>2.4.0</ivy.version>


---------------------------------------------------------------------
To unsubscribe, e-mail: commits-unsubscr...@spark.apache.org
For additional commands, e-mail: commits-h...@spark.apache.org

Reply via email to