You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@pulsar.apache.org by ni...@apache.org on 2022/10/17 21:09:59 UTC
[pulsar] branch master updated: [fix][sec] File tiered storage: upgrade jettison to get rid of CVE-2022-40149 (#18022)
This is an automated email from the ASF dual-hosted git repository.
nicoloboschi pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/pulsar.git
The following commit(s) were added to refs/heads/master by this push:
new 9acafc9b908 [fix][sec] File tiered storage: upgrade jettison to get rid of CVE-2022-40149 (#18022)
9acafc9b908 is described below
commit 9acafc9b9084cbb127ce5669236bdd5dd8e85a0f
Author: Nicolò Boschi <bo...@gmail.com>
AuthorDate: Mon Oct 17 23:09:50 2022 +0200
[fix][sec] File tiered storage: upgrade jettison to get rid of CVE-2022-40149 (#18022)
* [fix][sec] File tiered storage: upgrade jettison to get rid of CVE-2022-40149
* fix
---
pom.xml | 8 ++++++++
1 file changed, 8 insertions(+)
diff --git a/pom.xml b/pom.xml
index d0c9cbf7b0a..e663de77942 100644
--- a/pom.xml
+++ b/pom.xml
@@ -247,6 +247,7 @@ flexible messaging model and an intuitive client API.</description>
<objenesis.version>3.1</objenesis.version>
<awaitility.version>4.2.0</awaitility.version>
<reload4j.version>1.2.22</reload4j.version>
+ <jettison.version>1.5.1</jettison.version>
<!-- Plugin dependencies -->
<protobuf-maven-plugin.version>0.6.1</protobuf-maven-plugin.version>
@@ -798,6 +799,13 @@ flexible messaging model and an intuitive client API.</description>
<scope>import</scope>
</dependency>
+ <dependency>
+ <groupId>org.codehaus.jettison</groupId>
+ <artifactId>jettison</artifactId>
+ <version>${jettison.version}</version>
+ </dependency>
+
+
<dependency>
<groupId>org.hdrhistogram</groupId>
<artifactId>HdrHistogram</artifactId>