Details
-
Dependency upgrade
-
Status: Closed
-
Major
-
Resolution: Duplicate
-
3.0.0
-
None
-
None
Description
The current code uses io.netty:netty-all:jar:4.1.17 and it will cause a security vulnerabilities. We could get some security info fromĀ https://www.tenable.com/cve/CVE-2019-16869.
This reference remind to upgrate the version of netty-all to 4.1.42 or later.
Attachments
Issue Links
- duplicates
-
SPARK-29445 Bump netty-all from 4.1.39.Final to 4.1.42.Final
- Resolved