CarterFendley commented on PR #50583: URL: https://github.com/apache/spark/pull/50583#issuecomment-2803466246
@dongjoon-hyun @HyukjinKwon Yes I understand this. Although I would recommend an exception be made in this case. This is not a bug fix, this is a security patch. The issue in question [CVE-2025-30065](https://nvd.nist.gov/vuln/detail/CVE-2025-30065) currently has the **maximum severity vulnerability rating**. Spark 3.4 is only a little over a year old, and is likely to have many active users still. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: reviews-unsubscr...@spark.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org --------------------------------------------------------------------- To unsubscribe, e-mail: reviews-unsubscr...@spark.apache.org For additional commands, e-mail: reviews-h...@spark.apache.org
