You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@ambari.apache.org by rl...@apache.org on 2018/08/09 16:19:02 UTC
[ambari] branch branch-2.7 updated: [AMBARI-24415] Remove
dependencies with CVE issues from Ambari Server
This is an automated email from the ASF dual-hosted git repository.
rlevas pushed a commit to branch branch-2.7
in repository https://gitbox.apache.org/repos/asf/ambari.git
The following commit(s) were added to refs/heads/branch-2.7 by this push:
new 3a691dd [AMBARI-24415] Remove dependencies with CVE issues from Ambari Server
3a691dd is described below
commit 3a691ddb39f6fae45921cb20a7af65879aa7462b
Author: Robert Levas <rl...@hortonworks.com>
AuthorDate: Wed Aug 8 11:08:23 2018 -0400
[AMBARI-24415] Remove dependencies with CVE issues from Ambari Server
---
ambari-project/pom.xml | 11 ++++++-----
ambari-server/pom.xml | 4 ++--
2 files changed, 8 insertions(+), 7 deletions(-)
diff --git a/ambari-project/pom.xml b/ambari-project/pom.xml
index ba98a7c..a2eb328 100644
--- a/ambari-project/pom.xml
+++ b/ambari-project/pom.xml
@@ -37,7 +37,8 @@
<swagger.maven.plugin.version>3.1.4</swagger.maven.plugin.version>
<slf4j.version>1.7.20</slf4j.version>
<guice.version>4.1.0</guice.version>
- <spring.version>4.3.16.RELEASE</spring.version>
+ <spring.version>4.3.17.RELEASE</spring.version>
+ <spring.security.version>4.2.7.RELEASE</spring.security.version>
<fasterxml.jackson.version>2.9.5</fasterxml.jackson.version>
<postgres.version>42.2.2</postgres.version>
<forkCount>4</forkCount>
@@ -163,17 +164,17 @@
<dependency>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-core</artifactId>
- <version>4.2.4.RELEASE</version>
+ <version>${spring.security.version}</version>
</dependency>
<dependency>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-config</artifactId>
- <version>4.2.4.RELEASE</version>
+ <version>${spring.security.version}</version>
</dependency>
<dependency>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-web</artifactId>
- <version>4.2.4.RELEASE</version>
+ <version>${spring.security.version}</version>
</dependency>
<dependency>
<groupId>org.springframework.security.kerberos</groupId>
@@ -189,7 +190,7 @@
<dependency>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-ldap</artifactId>
- <version>4.1.1.RELEASE</version>
+ <version>${spring.security.version}</version>
</dependency>
<dependency>
<groupId>org.springframework.ldap</groupId>
diff --git a/ambari-server/pom.xml b/ambari-server/pom.xml
index 5f0e10b..142e6c4 100644
--- a/ambari-server/pom.xml
+++ b/ambari-server/pom.xml
@@ -1732,7 +1732,7 @@
<dependency>
<groupId>com.jcraft</groupId>
<artifactId>jsch</artifactId>
- <version>0.1.45</version>
+ <version>0.1.54</version>
</dependency>
<dependency>
<groupId>org.eclipse.jetty</groupId>
@@ -1791,7 +1791,7 @@
<dependency>
<groupId>org.kohsuke</groupId>
<artifactId>libpam4j</artifactId>
- <version>1.8</version>
+ <version>1.10</version>
</dependency>
<dependency>
<groupId>net.java.dev.jna</groupId>