You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@pulsar.apache.org by pe...@apache.org on 2021/06/25 04:24:33 UTC

[pulsar] 03/09: [Security] Upgrade k8s client-java to 12.0.1 (#10866)

This is an automated email from the ASF dual-hosted git repository.

penghui pushed a commit to branch branch-2.8
in repository https://gitbox.apache.org/repos/asf/pulsar.git

commit 0ee56e2af6decfe28cb6b83e3ccab8e6abecc4e0
Author: Lari Hotari <lh...@users.noreply.github.com>
AuthorDate: Fri Jun 18 09:03:30 2021 +0300

    [Security] Upgrade k8s client-java to 12.0.1 (#10866)
    
    ### Motivation
    
    - address security vulnerability CVE-2021-25738 which has been reported as https://github.com/kubernetes-client/java/issues/1698
    
    ### Modifications
    
    - upgrade kubernetes client-java to 12.0.1
    
    (cherry picked from commit 43f4e4446fb163db2659551e0084718623e85d05)
---
 distribution/server/src/assemble/LICENSE.bin.txt | 6 +++---
 pom.xml                                          | 2 +-
 2 files changed, 4 insertions(+), 4 deletions(-)

diff --git a/distribution/server/src/assemble/LICENSE.bin.txt b/distribution/server/src/assemble/LICENSE.bin.txt
index 949e88f..bf113ee 100644
--- a/distribution/server/src/assemble/LICENSE.bin.txt
+++ b/distribution/server/src/assemble/LICENSE.bin.txt
@@ -489,9 +489,9 @@ The Apache Software License, Version 2.0
   * @FreeBuilder
     - org.inferred-freebuilder-1.14.9.jar
   * Kubernetes Client
-    - io.kubernetes-client-java-12.0.0.jar
-    - io.kubernetes-client-java-api-12.0.0.jar
-    - io.kubernetes-client-java-proto-12.0.0.jar
+    - io.kubernetes-client-java-12.0.1.jar
+    - io.kubernetes-client-java-api-12.0.1.jar
+    - io.kubernetes-client-java-proto-12.0.1.jar
   * Dropwizard
     - io.dropwizard.metrics-metrics-core-3.2.5.jar
     - io.dropwizard.metrics-metrics-graphite-3.2.5.jar
diff --git a/pom.xml b/pom.xml
index f5c3ffe..207c509 100644
--- a/pom.xml
+++ b/pom.xml
@@ -190,7 +190,7 @@ flexible messaging model and an intuitive client API.</description>
     <jakarta.xml.bind.version>2.3.3</jakarta.xml.bind.version>
     <jakarta.validation.version>2.0.2</jakarta.validation.version>
     <jna.version>4.2.0</jna.version>
-    <kubernetesclient.version>12.0.0</kubernetesclient.version>
+    <kubernetesclient.version>12.0.1</kubernetesclient.version>
     <nsq-client.version>1.0</nsq-client.version>
     <cron-utils.version>9.1.3</cron-utils.version>
     <spring-context.version>5.3.1</spring-context.version>