You are viewing a plain text version of this content. The canonical link for it is here.

Posted to commits@pulsar.apache.org by ni...@apache.org on 2022/12/15 10:46:58 UTC

[pulsar] branch branch-2.11 updated: [fix][sec] Upgrade scala-library to get rid of CVE-2022-36944 (#18021)

This is an automated email from the ASF dual-hosted git repository.

nicoloboschi pushed a commit to branch branch-2.11
in repository https://gitbox.apache.org/repos/asf/pulsar.git


The following commit(s) were added to refs/heads/branch-2.11 by this push:
     new d8fa685a83f [fix][sec] Upgrade scala-library to get rid of CVE-2022-36944 (#18021)
d8fa685a83f is described below

commit d8fa685a83f38022de907104d40b0e9e78108f16
Author: Nicolò Boschi <bo...@gmail.com>
AuthorDate: Thu Dec 15 11:42:56 2022 +0100

    [fix][sec] Upgrade scala-library to get rid of CVE-2022-36944 (#18021)
    
    (cherry picked from commit 3011946a5c3b64ed7c08b6bfb1f6492f8aaaca9c)
---
 pom.xml | 14 +++++++++++++-
 1 file changed, 13 insertions(+), 1 deletion(-)

diff --git a/pom.xml b/pom.xml
index 750a5fd3547..7aa025f4356 100644
--- a/pom.xml
+++ b/pom.xml
@@ -173,7 +173,7 @@ flexible messaging model and an intuitive client API.</description>
     <elasticsearch-java.version>8.1.0</elasticsearch-java.version>
     <presto.version>334</presto.version>
     <scala.binary.version>2.13</scala.binary.version>
-    <scala-library.version>2.13.6</scala-library.version>
+    <scala-library.version>2.13.10</scala-library.version>
     <debezium.version>1.7.2.Final</debezium.version>
     <debezium.postgresql.version>42.4.1</debezium.postgresql.version>
     <debezium.mysql.version>8.0.28</debezium.mysql.version>
@@ -1306,6 +1306,18 @@ flexible messaging model and an intuitive client API.</description>
         <version>${roaringbitmap.version}</version>
       </dependency>
 
+      <dependency>
+        <groupId>org.scala-lang</groupId>
+        <artifactId>scala-library</artifactId>
+        <version>${scala-library.version}</version>
+      </dependency>
+
+      <dependency>
+        <groupId>org.scala-lang</groupId>
+        <artifactId>scala-reflect</artifactId>
+        <version>${scala-library.version}</version>
+      </dependency>
+
     </dependencies>
   </dependencyManagement>