[SPARK-36129] Upgrade commons-compress to 1.21 to deal with CVEs - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Bug
Status: Resolved
Priority: Minor
Resolution: Fixed
Affects Version/s: 2.4.8, 3.0.3, 3.1.2, 3.2.0, 3.3.0
Fix Version/s: 3.2.0, 3.1.3, 3.0.4
Component/s: Build
Labels:
None

Description

Some CVEs which affect commons-compress 1.20 are reported and fixed in 1.21.
https://commons.apache.org/proper/commons-compress/security-reports.html

Attachments

Issue Links

links to

[Github] Pull Request #33333 (sarutak)

[Github] Pull Request #33333 (sarutak)

[Github] Pull Request #33337 (sarutak)

[Github] Pull Request #33338 (sarutak)

Activity

People

Assignee:: Kousuke Saruta

Reporter:: Kousuke Saruta

Votes:: 0 Vote for this issue

Watchers:: 3 Start watching this issue

Dates

Created:: 14/Jul/21 03:14

Updated:: 14/Jul/21 14:02

Resolved:: 14/Jul/21 05:53