[jira] [Created] (SPARK-24229) Upgrade to the latest Apache Thrift 0.10.0 release

Ray Donnelly (JIRA) Wed, 09 May 2018 15:40:26 -0700

Ray Donnelly created SPARK-24229:
------------------------------------

             Summary: Upgrade to the latest Apache Thrift 0.10.0 release
                 Key: SPARK-24229
                 URL: https://issues.apache.org/jira/browse/SPARK-24229
             Project: Spark
          Issue Type: Bug
          Components: Java API
    Affects Versions: 2.3.0
            Reporter: Ray Donnelly



According to [https://www.cvedetails.com/cve/CVE-2016-5397/]

 

.. there are critical vulnerabilities in libthrift 0.9.3 currently vendored in 
Apache Spark (and then, for us, into PySpark).

 

Can anyone help to assess the seriousness of this and what should be done about 
it?

 



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

---------------------------------------------------------------------
To unsubscribe, e-mail: issues-unsubscr...@spark.apache.org
For additional commands, e-mail: issues-h...@spark.apache.org

[jira] [Created] (SPARK-24229) Upgrade to the latest Apache Thrift 0.10.0 release

Reply via email to