[SPARK-28713] Bump checkstyle from 8.14 to 8.23 - ASF JIRA

Log work

Agile Board

Rank to Top

Rank to Bottom

Attach files

Attach Screenshot

Bulk Copy Attachments

Bulk Move Attachments

Voters

Watch issue

Watchers

Create sub-task

Convert to sub-task

Move

Link

Clone

Labels

Update Comment Author

Replace String in Comment

Update Comment Visibility

Delete Comments

Delete

XML

Word

Printable

JSON

Details

Type: Improvement
Status: Resolved
Priority: Major
Resolution: Fixed
Affects Version/s: 2.4.3
Fix Version/s: 2.4.4, 3.0.0
Component/s: Spark Core
Labels:
None

Description

From the GitHub Security Advisory Database:

Moderate severity vulnerability that affects com.puppycrawl.tools:checkstyle
Checkstyle prior to 8.18 loads external DTDs by default, which can potentially lead to denial of service attacks or the leaking of confidential information.

Affected versions: < 8.18

Attachments

Issue Links

Add Link

links to

GitHub Pull Request #25432

Delete this link

GitHub Pull Request #25437

Delete this link

Activity

Comment

This comment will be Viewable by All Users Viewable by All Users

Cancel

People

Assignee:: Fokko Driesprong Assign to me

Reporter:: Fokko Driesprong

Votes:: 0 Vote for this issue

Watchers:: 2 Start watching this issue

Dates

Created:: 13/Aug/19 14:56

Updated:: 01/Sep/19 06:29

Resolved:: 13/Aug/19 18:12

Agile

View on Board

Bump checkstyle from 8.14 to 8.23

Details

Description

Attachments

Attachments

Issue Links

Activity

People

Dates

Agile

Slack

Issue deployment