[ https://issues.apache.org/jira/browse/SPARK-46257?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17805059#comment-17805059 ]
Laurenceau Julien commented on SPARK-46257: ------------------------------------------- Yes you are right. The only version that fix this vuln currently released on maven central is : [10.17.1.0|https://mvnrepository.com/artifact/org.apache.derby/derby/10.17.1.0] [https://mvnrepository.com/artifact/org.apache.derby/derby] Do you think it will be possible to upgrade to 10.17.x for spark 4.0.0 ? > Upgrade Derby to 10.16.1.1 > -------------------------- > > Key: SPARK-46257 > URL: https://issues.apache.org/jira/browse/SPARK-46257 > Project: Spark > Issue Type: Sub-task > Components: Build > Affects Versions: 4.0.0 > Reporter: Yang Jie > Assignee: Yang Jie > Priority: Major > Labels: pull-request-available > Fix For: 4.0.0 > > > https://db.apache.org/derby/releases/release-10_16_1_1.cgi -- This message was sent by Atlassian Jira (v8.20.10#820010) --------------------------------------------------------------------- To unsubscribe, e-mail: issues-unsubscr...@spark.apache.org For additional commands, e-mail: issues-h...@spark.apache.org