out.
Thanks,
Eric
On Mon, Jun 21, 2021 at 5:45 PM Eric Richardson
wrote:
> Ok, that sounds like a plan. I will gather what I found and either reach
> out on the security channel and/or try and upgrade with a pull request.
>
> Thanks for pointing me in the right direction.
>
&
>> a valid vulnerability the best path forward is likely reaching out to
>> private@ to figure out how to do a security release.
>>
>> On Mon, Jun 21, 2021 at 4:42 PM Eric Richardson
>> wrote:
>>
>>> Thanks for the quick reply. Yes, since it is included
ly their own Jackson.
>
> If someone had a legit view that this is potentially more serious I think
> we could _probably backport that update, but Jackson can be a little bit
> tricky with compatibility IIRC so would just bear some testing.
>
>
> On Mon, Jun 21, 2021 at 5:27 PM
Hi,
I am working with Spark 3.1.2 and getting several vulnerabilities popping
up. I am wondering if the Spark distros are scanned etc. and how people
resolve these.
For example. I am finding - https://nvd.nist.gov/vuln/detail/CVE-2020-25649
This looks like it is fixed in 2.11.0 -
https://github.
unsubscribe
; Jenkins jobs have been running against Scala 2.11:
>
> [INFO] --- scala-maven-plugin:3.2.2:testCompile (scala-test-compile-first) @
> java8-tests_2.11 ---
>
>
> FYI
>
>
> On Mon, May 16, 2016 at 2:45 PM, Eric Richardson
> wrote:
>
>> On Thu, May 12, 2016 at
On Thu, May 12, 2016 at 9:23 PM, Luciano Resende
wrote:
> Spark has moved to build using Scala 2.11 by default in master/trunk.
>
Does this mean that the pre-built binaries for download will also move to
2.11 as well?
>
>
> As for the 2.0.0-SNAPSHOT, it is actually the version of master/trunk
