Thx for the update. ( I was about to create the PR). Thx for looking into it.
On Sun, 17 Apr 2022, 00:26 Sean Owen, <sro...@gmail.com> wrote: > FWIW here's an update to 1.10.25: > https://github.com/apache/spark/pull/36226 > > > On Wed, Apr 13, 2022 at 8:28 AM Sean Owen <sro...@gmail.com> wrote: > >> You can see the files in >> core/src/main/resources/org/apache/spark/ui/static - you can try dropping >> in the new minified versions and see if the UI is OK. >> You can open a pull request if it works to update it, in case this >> affects Spark. >> It looks like the smaller upgrade to 1.10.22 is also sufficient. >> >> On Wed, Apr 13, 2022 at 7:43 AM Pralabh Kumar <pralabhku...@gmail.com> >> wrote: >> >>> Hi Dev Team >>> >>> Spark 3.2 (and 3.3 might also) have CVE 2020-28458. Therefore in my >>> local repo of Spark I would like to update DataTables to 1.11.5. >>> >>> Can you please help me to point out where I should upgrade DataTables >>> dependency ?. >>> >>> Regards >>> Pralabh Kumar >>> >>