2022 12:37 PM
To: Sean Owen
Cc: Pastrana, Rodrigo (RIS-BCT) ;
dev@spark.apache.org
Subject: Re: CVE-2022-42889
You don't often get email from ste...@cloudera.com<mailto:ste...@cloudera.com>.
Learn why this is important<https://aka.ms/LearnAboutSenderIdentification>
*** Exter
Thanks again Sean!
From: Sean Owen
Sent: Thursday, October 27, 2022 11:56 AM
To: Pastrana, Rodrigo (RIS-BCT)
Cc: dev@spark.apache.org
Subject: Re: CVE-2022-42889
You don't often get email from sro...@gmail.com<mailto:sro...@gmail.com>. Learn
why this is important<https
y.html (likely because Spark determined
>> it is not affected?)
>>
>>
>>
>> *From:* Sean Owen
>> *Sent:* Thursday, October 27, 2022 10:27 AM
>> *To:* Pastrana, Rodrigo (RIS-BCT)
>>
>> *Cc:* dev@spark.apache.org
>> *Subject:* Re: CVE-2022-42
> *To:* Pastrana, Rodrigo (RIS-BCT)
>
> *Cc:* dev@spark.apache.org
> *Subject:* Re: CVE-2022-42889
>
>
>
> You don't often get email from sro...@gmail.com. Learn why this is
> important <https://aka.ms/LearnAboutSenderIdentification>
>
> External email: use cauti
Probably a few months between maintenance releases.
It does not appear to affect Spark, however.
On Thu, Oct 27, 2022 at 9:24 AM Pastrana, Rodrigo (RIS-BCT)
wrote:
> Hello,
>
> This issue (SPARK-40801)
> <https://issues.apache.org/jira/browse/SPARK-40801> which addresse
Hello,
This issue (SPARK-40801)<https://issues.apache.org/jira/browse/SPARK-40801>
which addresses CVE-2022-42889 doesn't seem to have been included in the latest
release (3.3.1<https://spark.apache.org/releases/spark-release-3-3-1.html>).
Is there a way to estimate a timeline f