[spark] branch master updated: [SPARK-44914][BUILD] Upgrade `Apache ivy` from 2.5.1 to 2.5.2

Wed, 23 Aug 2023 05:58:34 -0700 

This is an automated email from the ASF dual-hosted git repository.

yangjie01 pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/spark.git


The following commit(s) were added to refs/heads/master by this push:
     new 611e17e8926 [SPARK-44914][BUILD] Upgrade `Apache ivy` from 2.5.1 to 
2.5.2
611e17e8926 is described below

commit 611e17e89260cd8d2b12edfc060f31a73773fa02
Author: Bjørn Jørgensen <bjornjorgen...@gmail.com>
AuthorDate: Wed Aug 23 20:58:12 2023 +0800

    [SPARK-44914][BUILD] Upgrade `Apache ivy` from 2.5.1 to 2.5.2
    
    ### What changes were proposed in this pull request?
    Upgrade Apache ivy from 2.5.1 to 2.5.2
    
    [Release 
notes](https://lists.apache.org/thread/9gcz4xrsn8c7o9gb377xfzvkb8jltffr)
    
    ### Why are the changes needed?
    [CVE-2022-46751](https://www.cve.org/CVERecord?id=CVE-2022-46751)
    
    The fix 
https://github.com/apache/ant-ivy/commit/2be17bc18b0e1d4123007d579e43ba1a4b6fab3d
    ### Does this PR introduce _any_ user-facing change?
    No.
    
    ### How was this patch tested?
    Pass GA
    
    ### Was this patch authored or co-authored using generative AI tooling?
    No.
    
    Closes #42613 from bjornjorgensen/ivy-2.5.2.
    
    Authored-by: Bjørn Jørgensen <bjornjorgen...@gmail.com>
    Signed-off-by: yangjie01 <yangji...@baidu.com>
---
 dev/deps/spark-deps-hadoop-3-hive-2.3 | 2 +-
 pom.xml                               | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/dev/deps/spark-deps-hadoop-3-hive-2.3 
b/dev/deps/spark-deps-hadoop-3-hive-2.3
index bf1c568669e..2c63641931e 100644
--- a/dev/deps/spark-deps-hadoop-3-hive-2.3
+++ b/dev/deps/spark-deps-hadoop-3-hive-2.3
@@ -97,7 +97,7 @@ httpclient/4.5.14//httpclient-4.5.14.jar
 httpcore/4.4.16//httpcore-4.4.16.jar
 ini4j/0.5.4//ini4j-0.5.4.jar
 istack-commons-runtime/3.0.8//istack-commons-runtime-3.0.8.jar
-ivy/2.5.1//ivy-2.5.1.jar
+ivy/2.5.2//ivy-2.5.2.jar
 jackson-annotations/2.15.2//jackson-annotations-2.15.2.jar
 jackson-core-asl/1.9.13//jackson-core-asl-1.9.13.jar
 jackson-core/2.15.2//jackson-core-2.15.2.jar
diff --git a/pom.xml b/pom.xml
index 804c2f8fb4b..4d302949fc1 100644
--- a/pom.xml
+++ b/pom.xml
@@ -146,7 +146,7 @@
     <jetty.version>9.4.51.v20230217</jetty.version>
     <jakartaservlet.version>4.0.3</jakartaservlet.version>
     <chill.version>0.10.0</chill.version>
-    <ivy.version>2.5.1</ivy.version>
+    <ivy.version>2.5.2</ivy.version>
     <oro.version>2.0.8</oro.version>
     <!--
     If you changes codahale.metrics.version, you also need to change


---------------------------------------------------------------------
To unsubscribe, e-mail: commits-unsubscr...@spark.apache.org
For additional commands, e-mail: commits-h...@spark.apache.org

Reply via email to