You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@pulsar.apache.org by ni...@apache.org on 2022/10/18 07:40:35 UTC
[pulsar] branch branch-2.9 updated: [fix][sec] File tiered storage: upgrade jettison to get rid of CVE-2022-40149 (#18022)
This is an automated email from the ASF dual-hosted git repository.
nicoloboschi pushed a commit to branch branch-2.9
in repository https://gitbox.apache.org/repos/asf/pulsar.git
The following commit(s) were added to refs/heads/branch-2.9 by this push:
new b53bc51027b [fix][sec] File tiered storage: upgrade jettison to get rid of CVE-2022-40149 (#18022)
b53bc51027b is described below
commit b53bc51027b192ae42b68308f8b03950e2ec2a6d
Author: Nicolò Boschi <bo...@gmail.com>
AuthorDate: Mon Oct 17 23:09:50 2022 +0200
[fix][sec] File tiered storage: upgrade jettison to get rid of CVE-2022-40149 (#18022)
* [fix][sec] File tiered storage: upgrade jettison to get rid of CVE-2022-40149
* fix
(cherry picked from commit 9acafc9b9084cbb127ce5669236bdd5dd8e85a0f)
---
pom.xml | 9 ++++++++-
1 file changed, 8 insertions(+), 1 deletion(-)
diff --git a/pom.xml b/pom.xml
index 3754b2b29d9..8f25966ae56 100644
--- a/pom.xml
+++ b/pom.xml
@@ -223,7 +223,7 @@ flexible messaging model and an intuitive client API.</description>
<failsafe.version>2.3.1</failsafe.version>
<skyscreamer.version>1.5.0</skyscreamer.version>
<objenesis.version>3.1</objenesis.version>
- <awaitility.version>4.0.3</awaitility.version>
+ <jettison.version>1.5.1</jettison.version>
<!-- Plugin dependencies -->
<protobuf-maven-plugin.version>0.6.1</protobuf-maven-plugin.version>
@@ -798,6 +798,13 @@ flexible messaging model and an intuitive client API.</description>
<scope>import</scope>
</dependency>
+ <dependency>
+ <groupId>org.codehaus.jettison</groupId>
+ <artifactId>jettison</artifactId>
+ <version>${jettison.version}</version>
+ </dependency>
+
+
<dependency>
<groupId>org.hdrhistogram</groupId>
<artifactId>HdrHistogram</artifactId>