[
https://issues.apache.org/jira/browse/SPARK-38061?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17486254#comment-17486254
]
Hyukjin Kwon commented on SPARK-38061:
--------------------------------------
No, the security report here simply mentions the issues in their own libraries
themselves. We don't know if they actually affect Spark or not, and we should
proceed the upgrade separately for each ticket.
> security scan issue jackson-databinding HDFS dependency library
> ---------------------------------------------------------------
>
> Key: SPARK-38061
> URL: https://issues.apache.org/jira/browse/SPARK-38061
> Project: Spark
> Issue Type: Bug
> Components: Kubernetes, Security
> Affects Versions: 3.2.0
> Reporter: Sujit Biswas
> Priority: Major
> Attachments: scan-security-report-spark-3.2.0-jre-11.csv
>
>
> Hi,
> running into security scan issue with docker image built on
> spark-3.2.0-bin-hadoop3.2, is there a way to resolve
>
> most issues related to https://issues.apache.org/jira/browse/HDFS-15333
> attaching the CVE report
>
--
This message was sent by Atlassian Jira
(v8.20.1#820001)
---------------------------------------------------------------------
To unsubscribe, e-mail: issues-unsubscr...@spark.apache.org
For additional commands, e-mail: issues-h...@spark.apache.org
