This is an automated email from the ASF dual-hosted git repository.
sarutak pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/spark.git
The following commit(s) were added to refs/heads/master by this push:
new 7b78d56 [SPARK-35870][BUILD] Upgrade Jetty to 9.4.42
7b78d56 is described below
commit 7b78d56f34a30148374c68141a3adb3a0c432a1b
Author: Kousuke Saruta <saru...@oss.nttdata.com>
AuthorDate: Fri Jun 25 03:32:32 2021 +0900
[SPARK-35870][BUILD] Upgrade Jetty to 9.4.42
### What changes were proposed in this pull request?
This PR upgrades Jetty to `9.4.42`.
In the current master, `9.4.40` is used.
`9.4.41` and `9.4.42` include the following updates.
https://github.com/eclipse/jetty.project/releases/tag/jetty-9.4.41.v20210516
https://github.com/eclipse/jetty.project/releases/tag/jetty-9.4.42.v20210604
### Why are the changes needed?
Mainly for CVE-2021-28169.
https://nvd.nist.gov/vuln/detail/CVE-2021-28169
This CVE might little affect Spark, but just in case.
### Does this PR introduce _any_ user-facing change?
No.
### How was this patch tested?
CI.
Closes #33053 from sarutak/upgrade-jetty-9.4.42.
Authored-by: Kousuke Saruta <saru...@oss.nttdata.com>
Signed-off-by: Kousuke Saruta <saru...@oss.nttdata.com>
---
pom.xml | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/pom.xml b/pom.xml
index a53aae3..16fe9e6 100644
--- a/pom.xml
+++ b/pom.xml
@@ -138,7 +138,7 @@
<derby.version>10.14.2.0</derby.version>
<parquet.version>1.12.0</parquet.version>
<orc.version>1.6.8</orc.version>
- <jetty.version>9.4.40.v20210413</jetty.version>
+ <jetty.version>9.4.42.v20210604</jetty.version>
<jakartaservlet.version>4.0.3</jakartaservlet.version>
<chill.version>0.9.5</chill.version>
<ivy.version>2.4.0</ivy.version>
---------------------------------------------------------------------
To unsubscribe, e-mail: commits-unsubscr...@spark.apache.org
For additional commands, e-mail: commits-h...@spark.apache.org
