From 4b729c0118823ef99b602e5f1e48943b209cbc73 Mon Sep 17 00:00:00 2001
From: Philippe Deslauriers <philde@chainguard.dev>
Date: Sat, 6 Apr 2024 03:30:24 +0000
Subject: [PATCH] spark-3.5: Resolve CVE-2024-23944 and CVE-2024-29025

Signed-off-by: Philippe Deslauriers <philde@chainguard.dev>
---
 spark-3.5.yaml                    | 2 +-
 spark-3.5/pombump-properties.yaml | 4 +++-
 2 files changed, 4 insertions(+), 2 deletions(-)

diff --git a/spark-3.5.yaml b/spark-3.5.yaml
index 33497b23c00..71e14a0b52b 100644
--- a/spark-3.5.yaml
+++ b/spark-3.5.yaml
@@ -1,7 +1,7 @@
 package:
   name: spark-3.5
   version: 3.5.1
-  epoch: 2
+  epoch: 3
   description: Unified engine for large-scale data analytics
   copyright:
     - license: Apache-2.0
diff --git a/spark-3.5/pombump-properties.yaml b/spark-3.5/pombump-properties.yaml
index f2233a14394..64bb3db8363 100644
--- a/spark-3.5/pombump-properties.yaml
+++ b/spark-3.5/pombump-properties.yaml
@@ -14,4 +14,6 @@ properties:
   - property: guava.version
     value: "32.0.1-jre"
   - property: netty.version
-    value: 4.1.107.Final
+    value: "4.1.108.Final"
+  - property: zookeeper.version
+    value: "3.8.4"