From e26b5d63b228729598351cb68935d6b776bb8267 Mon Sep 17 00:00:00 2001
From: Philip Hyunsu Cho <chohyu01@cs.washington.edu>
Date: Mon, 22 Oct 2018 10:15:30 -0700
Subject: [PATCH] [jvm-packages] Upgrade Scala to 2.11.12 to address
 CVE-2017-15288 (#3816)

A privilege escalation vulnerability (CVE-2017-15288) has been
identified in the Scala compilation daemon. See
https://nvd.nist.gov/vuln/detail/CVE-2017-15288

Fix: Upgrade Scala to 2.11.12.
---
 jvm-packages/pom.xml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/jvm-packages/pom.xml b/jvm-packages/pom.xml
index bc3e336a6..dfd0cb176 100644
--- a/jvm-packages/pom.xml
+++ b/jvm-packages/pom.xml
@@ -35,7 +35,7 @@
         <maven.compiler.target>1.7</maven.compiler.target>
         <flink.version>1.5.0</flink.version>
         <spark.version>2.3.1</spark.version>
-        <scala.version>2.11.8</scala.version>
+        <scala.version>2.11.12</scala.version>
         <scala.binary.version>2.11</scala.binary.version>
     </properties>
     <repositories>