You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@nifi.apache.org by jo...@apache.org on 2022/12/01 19:04:49 UTC
[nifi] branch support/nifi-1.19 updated (2b9b9ebb09 -> 36e20e31d1)
This is an automated email from the ASF dual-hosted git repository.
joewitt pushed a change to branch support/nifi-1.19
in repository https://gitbox.apache.org/repos/asf/nifi.git
from 2b9b9ebb09 NIFI-10919 Corrected SCRAM SASL Mechanism for Kafka Components
new 6ed6092285 NIFI-10923 This closes #6745. Upgraded Apache SSHD to 2.9.2
new 36e20e31d1 NIFI-10912 This closes #6742. Upgrade JSLT To 0.1.14
The 2 revisions listed above as "new" are entirely new to this
repository and will be described in separate emails. The revisions
listed as "add" were already present in the repository and have only
been added to this reference.
Summary of changes:
nifi-nar-bundles/nifi-jslt-bundle/pom.xml | 2 +-
nifi-nar-bundles/nifi-standard-bundle/pom.xml | 5 +++--
nifi-registry/pom.xml | 12 ++++++++++++
pom.xml | 2 ++
4 files changed, 18 insertions(+), 3 deletions(-)
[nifi] 02/02: NIFI-10912 This closes #6742. Upgrade JSLT To 0.1.14
Posted by jo...@apache.org.
This is an automated email from the ASF dual-hosted git repository.
joewitt pushed a commit to branch support/nifi-1.19
in repository https://gitbox.apache.org/repos/asf/nifi.git
commit 36e20e31d1c47cf59a69f5549061b3df2a4db2f9
Author: mr1716 <ms...@rit.edu>
AuthorDate: Wed Nov 30 13:22:52 2022 -0500
NIFI-10912 This closes #6742. Upgrade JSLT To 0.1.14
Signed-off-by: Joe Witt <jo...@apache.org>
---
nifi-nar-bundles/nifi-jslt-bundle/pom.xml | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/nifi-nar-bundles/nifi-jslt-bundle/pom.xml b/nifi-nar-bundles/nifi-jslt-bundle/pom.xml
index 6824d50da0..74eb400261 100644
--- a/nifi-nar-bundles/nifi-jslt-bundle/pom.xml
+++ b/nifi-nar-bundles/nifi-jslt-bundle/pom.xml
@@ -37,7 +37,7 @@
<dependency>
<groupId>com.schibsted.spt.data</groupId>
<artifactId>jslt</artifactId>
- <version>0.1.13</version>
+ <version>0.1.14</version>
</dependency>
</dependencies>
</dependencyManagement>
[nifi] 01/02: NIFI-10923 This closes #6745. Upgraded Apache SSHD to 2.9.2
Posted by jo...@apache.org.
This is an automated email from the ASF dual-hosted git repository.
joewitt pushed a commit to branch support/nifi-1.19
in repository https://gitbox.apache.org/repos/asf/nifi.git
commit 6ed609228514944e121669a8f695ef04d359f956
Author: exceptionfactory <ex...@apache.org>
AuthorDate: Thu Dec 1 12:40:54 2022 -0600
NIFI-10923 This closes #6745. Upgraded Apache SSHD to 2.9.2
Signed-off-by: Joe Witt <jo...@apache.org>
---
nifi-nar-bundles/nifi-standard-bundle/pom.xml | 5 +++--
nifi-registry/pom.xml | 12 ++++++++++++
pom.xml | 2 ++
3 files changed, 17 insertions(+), 2 deletions(-)
diff --git a/nifi-nar-bundles/nifi-standard-bundle/pom.xml b/nifi-nar-bundles/nifi-standard-bundle/pom.xml
index 080df69a0a..38cd556d85 100644
--- a/nifi-nar-bundles/nifi-standard-bundle/pom.xml
+++ b/nifi-nar-bundles/nifi-standard-bundle/pom.xml
@@ -35,6 +35,7 @@
<properties>
<yammer.metrics.version>2.2.0</yammer.metrics.version>
<jolt.version>0.1.7</jolt.version>
+ <org.apache.sshd.version>2.9.2</org.apache.sshd.version>
</properties>
<dependencyManagement>
<dependencies>
@@ -303,12 +304,12 @@
<dependency>
<groupId>org.apache.sshd</groupId>
<artifactId>sshd-core</artifactId>
- <version>2.8.0</version>
+ <version>${org.apache.sshd.version}</version>
</dependency>
<dependency>
<groupId>org.apache.sshd</groupId>
<artifactId>sshd-sftp</artifactId>
- <version>2.8.0</version>
+ <version>${org.apache.sshd.version}</version>
</dependency>
<dependency>
<groupId>com.google.guava</groupId>
diff --git a/nifi-registry/pom.xml b/nifi-registry/pom.xml
index e6544b09f1..f53dce0f6c 100644
--- a/nifi-registry/pom.xml
+++ b/nifi-registry/pom.xml
@@ -43,6 +43,7 @@
<groovy.eclipse.compiler.version>3.4.0-01</groovy.eclipse.compiler.version>
<jaxb.version>2.3.2</jaxb.version>
<jgit.version>5.13.1.202206130422-r</jgit.version>
+ <org.apache.sshd.version>2.9.2</org.apache.sshd.version>
</properties>
<dependencyManagement>
@@ -241,6 +242,17 @@
</exclusion>
</exclusions>
</dependency>
+ <!-- Override transitive SSHD version from JGit -->
+ <dependency>
+ <groupId>org.apache.sshd</groupId>
+ <artifactId>sshd-osgi</artifactId>
+ <version>${org.apache.sshd.version}</version>
+ </dependency>
+ <dependency>
+ <groupId>org.apache.sshd</groupId>
+ <artifactId>sshd-sftp</artifactId>
+ <version>${org.apache.sshd.version}</version>
+ </dependency>
</dependencies>
</dependencyManagement>
diff --git a/pom.xml b/pom.xml
index dc8edd1bba..733c2bc458 100644
--- a/pom.xml
+++ b/pom.xml
@@ -970,6 +970,8 @@
<exclude>org.bouncycastle:bcpkix-jdk15on</exclude>
<exclude>org.bouncycastle:bcutil-jdk15on</exclude>
<exclude>org.bouncycastle:bcmail-jdk15on</exclude>
+ <!-- Exclude SSHD 2.9.1 and earlier due to CVE-2022-45047 -->
+ <exclude>org.apache.sshd:*:[,2.9.1]</exclude>
</excludes>
<includes>
<!-- Versions of JSR305 after 3.0.1 are allowed https://github.com/findbugsproject/findbugs/issues/128 -->