Github user limansky commented on the issue:
https://github.com/apache/spark/pull/9759
Hi all. There are security issues in jackson-dataformat-xml prior to 2.7.4
and 2.8.0. Here are the links: FasterXML/jackson-dataformat-xml#199,
FasterXML/jackson-dataformat-xml#190. Even though Spar
Github user viirya commented on the issue:
https://github.com/apache/spark/pull/9759
@srowen Unfortunately, this fixing is only included since 2.8.1. Even
latest maintenance release 2.7.8 doesn't contain it.
---
If your project is set up for it, you can reply to this email and have y
Github user srowen commented on the issue:
https://github.com/apache/spark/pull/9759
@viirya to what version? if it's a maintenance release that's usually fine
---
If your project is set up for it, you can reply to this email and have your
reply appear on GitHub as well. If your proje
Github user viirya commented on the issue:
https://github.com/apache/spark/pull/9759
@srowen @rxin @zsxwing The Option json serialization issue
(https://github.com/FasterXML/jackson-module-scala/issues/240) looks like fixed
now. Do you think it is ok I try to upgrade Jackson now?
--
