[SPARK-34988] Upgrade Jetty for CVE-2021-28165 - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Bug
Status: Resolved
Priority: Major
Resolution: Fixed
Affects Version/s: 2.4.7, 3.0.2, 3.1.1, 3.2.0
Fix Version/s: 2.4.8, 3.0.3, 3.1.2, 3.2.0
Component/s: Spark Core
Labels:
None

Description

CVE-2021-28165 affects the version of Jetty that Spark uses and it seems to be a little bit serious.

Attachments

Issue Links

links to

[Github] Pull Request #32091 (sarutak)

[Github] Pull Request #32093 (sarutak)

[Github] Pull Request #32094 (sarutak)

[Github] Pull Request #32095 (sarutak)

Activity

People

Assignee:: Kousuke Saruta

Reporter:: Kousuke Saruta

Votes:: 0 Vote for this issue

Watchers:: 2 Start watching this issue

Dates

Created:: 08/Apr/21 08:36

Updated:: 08/Apr/21 15:43

Resolved:: 08/Apr/21 10:59