spark-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Stephen Hellberg <>
Subject Jetty 9.3 CVE to be avoided...
Date Fri, 01 Jul 2016 16:03:20 GMT
To anyone contemplating an upgrade of the Jetty component in use with Apache
Spark, please be aware of  CVE-2016-4800
<>  , and ensure that you
are attempting to only integrate a version of the Jetty 9.3 stream that is
*9.3.9* /or later/.

Hopefully forewarned is forearmed; no need to expose vulnerabilities
unnecessarily!  ;-)

View this message in context:
Sent from the Apache Spark Developers List mailing list archive at

To unsubscribe e-mail:

View raw message