[SPARK-11652][CORE] Remote code execution with InvokerTransformer
Update to Commons Collections 3.2.2 to avoid any potential remote code execution vulnerability Author: Sean Owen <sowen@cloudera.com> Closes #9731 from srowen/SPARK-11652.
This commit is contained in:
parent
e62820c85f
commit
9631ca3527
7
pom.xml
7
pom.xml
|
@ -162,6 +162,8 @@
|
|||
<!-- commons-httpclient/commons-httpclient-->
|
||||
<httpclient.classic.version>3.1</httpclient.classic.version>
|
||||
<commons.math3.version>3.4.1</commons.math3.version>
|
||||
<!-- managed up from 3.2.1 for SPARK-11652 -->
|
||||
<commons.collections.version>3.2.2</commons.collections.version>
|
||||
<scala.version>2.10.5</scala.version>
|
||||
<scala.binary.version>2.10</scala.binary.version>
|
||||
<jline.version>${scala.version}</jline.version>
|
||||
|
@ -475,6 +477,11 @@
|
|||
<artifactId>commons-math3</artifactId>
|
||||
<version>${commons.math3.version}</version>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>org.apache.commons</groupId>
|
||||
<artifactId>commons-collections</artifactId>
|
||||
<version>${commons.collections.version}</version>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>org.apache.ivy</groupId>
|
||||
<artifactId>ivy</artifactId>
|
||||
|
|
Loading…
Reference in a new issue