You are viewing a plain text version of this content. The canonical link for it is here.

Posted to commits@tinkerpop.apache.org by sp...@apache.org on 2020/09/30 18:52:13 UTC

[tinkerpop] 01/02: Bumped snakeyaml to 1.27

This is an automated email from the ASF dual-hosted git repository.

spmallette pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/tinkerpop.git

commit 5e4456bfe1507c6d358cc2f84e47ce817422c358
Author: Stephen Mallette <st...@amazon.com>
AuthorDate: Wed Sep 30 14:03:06 2020 -0400

    Bumped snakeyaml to 1.27
    
    Should fix CVE-2017-18640 CTR
---
 pom.xml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/pom.xml b/pom.xml
index 5c90a1a..d725baa 100644
--- a/pom.xml
+++ b/pom.xml
@@ -158,7 +158,7 @@ limitations under the License.
         <metrics.version>3.0.2</metrics.version>
         <netty.version>4.1.52.Final</netty.version>
         <slf4j.version>1.7.25</slf4j.version>
-        <snakeyaml.version>1.15</snakeyaml.version>
+        <snakeyaml.version>1.27</snakeyaml.version>
         <spark.version>2.4.0</spark.version>
 
         <project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>