Uploaded image for project: 'Spark'
  1. Spark
  2. SPARK-29446

Upgrade netty-all to 4.1.42 and fix vulnerabilities.

Rank to TopRank to BottomAttach filesAttach ScreenshotBulk Copy AttachmentsBulk Move AttachmentsVotersWatch issueWatchersCreate sub-taskConvert to sub-taskLinkCloneLabelsUpdate Comment AuthorReplace String in CommentUpdate Comment VisibilityDelete Comments
    XMLWordPrintableJSON

Details

    • Dependency upgrade
    • Status: Closed
    • Major
    • Resolution: Duplicate
    • 3.0.0
    • None
    • Build
    • None

    Description

      The current code uses io.netty:netty-all:jar:4.1.17 and it will cause a security vulnerabilities. We could get some security info fromĀ https://www.tenable.com/cve/CVE-2019-16869.
      This reference remind to upgrate the version of netty-all to 4.1.42 or later.

      Attachments

        Issue Links

        duplicates

        Task - A task that needs to be done. SPARK-29445 Bump netty-all from 4.1.39.Final to 4.1.42.Final

        • Major - Major loss of function.
        • Resolved

        Activity
          This comment will be Viewable by All Users Viewable by All Users
          Cancel

          People

            Unassigned Unassigned
            beliefer Jiaan Geng
            Votes:
            0 Vote for this issue
            Watchers:
            2 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved:

              Slack

                Issue deployment