[ https://issues.apache.org/jira/browse/SPARK-28713?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Dongjoon Hyun updated SPARK-28713: ---------------------------------- Summary: Bump checkstyle from 8.14 to 8.23 (was: Bump checkstyle from 8.14 to 8.18) > Bump checkstyle from 8.14 to 8.23 > --------------------------------- > > Key: SPARK-28713 > URL: https://issues.apache.org/jira/browse/SPARK-28713 > Project: Spark > Issue Type: Task > Components: Spark Core > Affects Versions: 2.4.3 > Reporter: Fokko Driesprong > Priority: Major > > From the GitHub Security Advisory Database: > Moderate severity vulnerability that affects com.puppycrawl.tools:checkstyle > Checkstyle prior to 8.18 loads external DTDs by default, which can > potentially lead to denial of service attacks or the leaking of confidential > information. > Affected versions: < 8.18 -- This message was sent by Atlassian JIRA (v7.6.14#76016) --------------------------------------------------------------------- To unsubscribe, e-mail: issues-unsubscr...@spark.apache.org For additional commands, e-mail: issues-h...@spark.apache.org