[SPARK-37615] Upgrade SBT to 1.5.6 - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Bug
Status: Resolved
Priority: Major
Resolution: Fixed
Affects Version/s: 3.2.1, 3.3.0
Fix Version/s: 3.2.1, 3.3.0
Component/s: Build
Labels:
None

Description

This issue aims to upgrade SBT to 1.5.6.

https://github.com/sbt/sbt/releases/tag/v1.5.6

SBT 1.5.6 updates log4j 2 to 2.15.0, which fixes remote code execution vulnerability (CVE-2021-44228)

This only affects build servers.

Attachments

Issue Links

links to

[Github] Pull Request #34869 (williamhyun)

[Github] Pull Request #34870 (dongjoon-hyun)

[Github] Pull Request #34870 (dongjoon-hyun)

Activity

People

Assignee:: William Hyun

Reporter:: William Hyun

Votes:: 0 Vote for this issue

Watchers:: 3 Start watching this issue

Dates

Created:: 12/Dec/21 04:00

Updated:: 12/Dec/21 05:34

Resolved:: 12/Dec/21 05:25