To anyone contemplating an upgrade of the Jetty component in use with Apache Spark, please be aware of CVE-2016-4800 <http://www.ocert.org/advisories/ocert-2016-001.html> , and ensure that you are attempting to only integrate a version of the Jetty 9.3 stream that is *9.3.9* /or later/.
Hopefully forewarned is forearmed; no need to expose vulnerabilities unnecessarily! ;-) -- View this message in context: http://apache-spark-developers-list.1001551.n3.nabble.com/Jetty-9-3-CVE-to-be-avoided-tp18151.html Sent from the Apache Spark Developers List mailing list archive at Nabble.com. --------------------------------------------------------------------- To unsubscribe e-mail: dev-unsubscr...@spark.apache.org
