You are viewing a plain text version of this content. The canonical link for it is here.
Posted to common-commits@hadoop.apache.org by ay...@apache.org on 2021/04/16 07:23:23 UTC
[hadoop] branch branch-3.3 updated: HADOOP-17633. Bump json-smart
to 2.4.2 and nimbus-jose-jwt to 9.8 due to CVEs (#2895). Contributed by
Viraj Jasani.
This is an automated email from the ASF dual-hosted git repository.
ayushsaxena pushed a commit to branch branch-3.3
in repository https://gitbox.apache.org/repos/asf/hadoop.git
The following commit(s) were added to refs/heads/branch-3.3 by this push:
new 49f6326 HADOOP-17633. Bump json-smart to 2.4.2 and nimbus-jose-jwt to 9.8 due to CVEs (#2895). Contributed by Viraj Jasani.
49f6326 is described below
commit 49f6326a9f86e6d0db8543356f1020024eb7dbab
Author: Viraj Jasani <vj...@apache.org>
AuthorDate: Fri Apr 16 12:36:01 2021 +0530
HADOOP-17633. Bump json-smart to 2.4.2 and nimbus-jose-jwt to 9.8 due to CVEs (#2895). Contributed by Viraj Jasani.
Signed-off-by: Ayush Saxena <ay...@apache.org>
---
LICENSE-binary | 4 ++--
hadoop-project/pom.xml | 6 ++++--
2 files changed, 6 insertions(+), 4 deletions(-)
diff --git a/LICENSE-binary b/LICENSE-binary
index 0aac03b..4fa65d5 100644
--- a/LICENSE-binary
+++ b/LICENSE-binary
@@ -240,7 +240,7 @@ com.google.guava:guava:20.0
com.google.guava:guava:27.0-jre
com.google.guava:listenablefuture:9999.0-empty-to-avoid-conflict-with-guava
com.microsoft.azure:azure-storage:7.0.0
-com.nimbusds:nimbus-jose-jwt:4.41.1
+com.nimbusds:nimbus-jose-jwt:9.8.1
com.squareup.okhttp:okhttp:2.7.5
com.squareup.okio:okio:1.6.0
com.zaxxer:HikariCP-java7:2.4.12
@@ -283,7 +283,7 @@ javax.inject:javax.inject:1
log4j:log4j:1.2.17
net.java.dev.jna:jna:5.2.0
net.minidev:accessors-smart:1.2
-net.minidev:json-smart:2.3
+net.minidev:json-smart:2.4.2
org.apache.avro:avro:1.7.7
org.apache.commons:commons-collections4:4.2
org.apache.commons:commons-compress:1.19
diff --git a/hadoop-project/pom.xml b/hadoop-project/pom.xml
index 46221ab..6d244e7 100644
--- a/hadoop-project/pom.xml
+++ b/hadoop-project/pom.xml
@@ -211,6 +211,8 @@
<solr.version>7.7.0</solr.version>
<openssl-wildfly.version>1.0.7.Final</openssl-wildfly.version>
<woodstox.version>5.3.0</woodstox.version>
+ <json-smart.version>2.4.2</json-smart.version>
+ <nimbus-jose-jwt.version>9.8.1</nimbus-jose-jwt.version>
</properties>
<dependencyManagement>
@@ -1555,7 +1557,7 @@
<dependency>
<groupId>com.nimbusds</groupId>
<artifactId>nimbus-jose-jwt</artifactId>
- <version>7.9</version>
+ <version>${nimbus-jose-jwt.version}</version>
<scope>compile</scope>
<exclusions>
<exclusion>
@@ -1578,7 +1580,7 @@
-->
<groupId>net.minidev</groupId>
<artifactId>json-smart</artifactId>
- <version>2.3</version>
+ <version>${json-smart.version}</version>
</dependency>
<dependency>
<groupId>org.skyscreamer</groupId>
---------------------------------------------------------------------
To unsubscribe, e-mail: common-commits-unsubscribe@hadoop.apache.org
For additional commands, e-mail: common-commits-help@hadoop.apache.org