try

Author: zhengruifeng

security.md

@@ -43,6 +43,14 @@ internet or untrusted networks. We recommend access within trusted networks (com
 private cloud environments), using restrict access to the Spark cluster with robust authentication, 
 authorization, and network controls.
 
+<h3>Is loading a machine learning model secure? Who is responsible for model security?</h3> 
+
+Loading an Apache Spark ML model is equivalent to loading and executing code within the Spark runtime.
+
+Spark ML models may contain serialized objects, custom transformers, user-defined expressions, and execution graphs. During model loading, Spark deserializes these components, reconstructs the pipeline, and instantiates runtime objects. This process can invoke executable logic on the Spark driver and executors. As a result, a malicious or tampered model may execute arbitrary code, access sensitive data, or compromise cluster nodes.
+
+End users must treat Spark ML models with the same level of caution and security scrutiny as any third-party software. This includes verifying the source, validating integrity, and applying appropriate isolation and security controls before loading or deploying a model.
+
 <h2>Known security issues</h2>
 
 <h3 id="CVE-2023-32007">CVE-2023-32007: Apache Spark shell command injection vulnerability via Spark UI</h3>

site/docs/3.5.6/api/R/reference/groupedData.html

@@ -1,8 +1,8 @@
 <html>
   <head>
-    <meta http-equiv="refresh" content="0;URL=https://spark.apache.org/docs/3.5.6/api/R/reference/column_nonaggregate_functions.html" />
+    <meta http-equiv="refresh" content="0;URL=https://spark.apache.org/docs/3.5.6/api/R/reference/columnfunctions.html" />
     <meta name="robots" content="noindex">
-    <link rel="canonical" href="https://spark.apache.org/docs/3.5.6/api/R/reference/column_nonaggregate_functions.html">
+    <link rel="canonical" href="https://spark.apache.org/docs/3.5.6/api/R/reference/columnfunctions.html">
   </head>
 </html>