[
https://issues.apache.org/jira/browse/SPARK-40457?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17607949#comment-17607949
]
Bjørn Jørgensen edited comment on SPARK-40457 at 9/21/22 7:49 PM:
------------------------------------------------------------------
[~bilna123]
Yes, there are no version to upgrade to
https://github.com/bjornjorgensen/spark/security/dependabot/1 and it's for
hadoop version 2.
But do you find a new version and can you test it with hadoop version 2?
Edit:
Have a look at
https://issues.apache.org/jira/browse/HADOOP-17225?page=com.atlassian.jira.plugin.system.issuetabpanels%3Acomment-tabpanel&focusedCommentId=17305360#comment-17305360
was (Author: bjornjorgensen):
[~bilna123]
Yes, there are no version to upgrade to
https://github.com/bjornjorgensen/spark/security/dependabot/1 and it's for
hadoop version 2.
But do you find a new version and can you test it with hadoop version 2?
> upgrade jackson data mapper to latest
> --------------------------------------
>
> Key: SPARK-40457
> URL: https://issues.apache.org/jira/browse/SPARK-40457
> Project: Spark
> Issue Type: Improvement
> Components: SQL
> Affects Versions: 3.3.0
> Reporter: Bilna
> Priority: Major
>
> Upgrade jackson-mapper-asl to the latest to resolve CVE-2019-10172
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
---------------------------------------------------------------------
To unsubscribe, e-mail: issues-unsubscr...@spark.apache.org
For additional commands, e-mail: issues-h...@spark.apache.org
