[ https://issues.apache.org/jira/browse/SPARK-37626?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17458173#comment-17458173 ]
Yuming Wang commented on SPARK-37626: ------------------------------------- We need to upgrade to 0.16.0 because we need [this patch|https://github.com/apache/thrift/pull/2470]. > Upgrade libthrift to 1.15.0 > --------------------------- > > Key: SPARK-37626 > URL: https://issues.apache.org/jira/browse/SPARK-37626 > Project: Spark > Issue Type: Bug > Components: Build > Affects Versions: 3.3.0 > Reporter: Bo Zhang > Priority: Major > Fix For: 3.3.0 > > > Upgrade libthrift to 1.15.0 in order to avoid > https://nvd.nist.gov/vuln/detail/CVE-2020-13949. -- This message was sent by Atlassian Jira (v8.20.1#820001) --------------------------------------------------------------------- To unsubscribe, e-mail: issues-unsubscr...@spark.apache.org For additional commands, e-mail: issues-h...@spark.apache.org