zml1206 commented on PR #52284: URL: https://github.com/apache/spark/pull/52284#issuecomment-3272634174
> Oh, Apache Spark is not affected because we don't use those `*-common` jars. You can simply remove the CVE information from the PR description, @zml1206 . We can merge this as a normal dependency upgrade in order to bring other bug fixes. > > Maybe, could you add a release note link if available? Updated, thanks -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: reviews-unsubscr...@spark.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org --------------------------------------------------------------------- To unsubscribe, e-mail: reviews-unsubscr...@spark.apache.org For additional commands, e-mail: reviews-h...@spark.apache.org
