You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@inlong.apache.org by go...@apache.org on 2022/04/01 12:13:39 UTC
[incubator-inlong] branch master updated: [INLONG-3503] upgrade spring due to CVE (#3505)
This is an automated email from the ASF dual-hosted git repository.
gosonzhang pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/incubator-inlong.git
The following commit(s) were added to refs/heads/master by this push:
new 6777ba1 [INLONG-3503] upgrade spring due to CVE (#3505)
6777ba1 is described below
commit 6777ba17774a0064aeb788367d289f14bc45720b
Author: PJ Fanning <pj...@users.noreply.github.com>
AuthorDate: Fri Apr 1 14:13:32 2022 +0200
[INLONG-3503] upgrade spring due to CVE (#3505)
---
inlong-audit/pom.xml | 6 +++---
inlong-tubemq/pom.xml | 11 ++++++-----
inlong-tubemq/tubemq-manager/pom.xml | 2 +-
licenses/inlong-tubemq/licenses-server/LICENSE | 18 +++++++++---------
licenses/inlong-tubemq/licenses-server/NOTICE | 18 +++++++++---------
5 files changed, 28 insertions(+), 27 deletions(-)
diff --git a/inlong-audit/pom.xml b/inlong-audit/pom.xml
index feda75d..1d82cbf 100644
--- a/inlong-audit/pom.xml
+++ b/inlong-audit/pom.xml
@@ -54,15 +54,15 @@
<protobuf-version>3.19.4</protobuf-version>
<mybatis.starter.version>2.1.3</mybatis.starter.version>
<mysql.version>8.0.20</mysql.version>
- <spring.boot.version>2.6.0</spring.boot.version>
- <spring.version>5.3.15</spring.version>
+ <spring.boot.version>2.6.6</spring.boot.version>
+ <spring.version>5.3.18</spring.version>
<druid.version>1.2.6</druid.version>
<elasticsearch.version>6.8.23</elasticsearch.version>
<gson.version>2.8.6</gson.version>
<jackson.version>2.12.3</jackson.version>
<junit.version>4.12</junit.version>
<autoconfigure.version>2.4.3</autoconfigure.version>
- <spring.plugin.version>2.6.3</spring.plugin.version>
+ <spring.plugin.version>2.6.6</spring.plugin.version>
</properties>
<dependencyManagement>
diff --git a/inlong-tubemq/pom.xml b/inlong-tubemq/pom.xml
index b1551a7..043d7ac 100644
--- a/inlong-tubemq/pom.xml
+++ b/inlong-tubemq/pom.xml
@@ -82,7 +82,8 @@
<je.version>7.3.7</je.version>
<gson.version>2.8.5</gson.version>
<slf4j.version>1.7.36</slf4j.version>
- <spring.boot.version>2.6.3</spring.boot.version>
+ <spring.version>5.3.18</spring.version>
+ <spring.boot.version>2.6.6</spring.boot.version>
</properties>
<repositories>
@@ -304,22 +305,22 @@
<dependency>
<groupId>org.springframework</groupId>
<artifactId>spring-core</artifactId>
- <version>5.3.15</version>
+ <version>${spring.version}</version>
</dependency>
<dependency>
<groupId>org.springframework</groupId>
<artifactId>spring-context</artifactId>
- <version>5.3.15</version>
+ <version>${spring.version}</version>
</dependency>
<dependency>
<groupId>org.springframework</groupId>
<artifactId>spring-jdbc</artifactId>
- <version>5.3.15</version>
+ <version>${spring.version}</version>
</dependency>
<dependency>
<groupId>org.springframework</groupId>
<artifactId>spring-orm</artifactId>
- <version>5.3.15</version>
+ <version>${spring.version}</version>
</dependency>
<dependency>
<groupId>org.mortbay.jetty</groupId>
diff --git a/inlong-tubemq/tubemq-manager/pom.xml b/inlong-tubemq/tubemq-manager/pom.xml
index dcef1d5..21e7949 100644
--- a/inlong-tubemq/tubemq-manager/pom.xml
+++ b/inlong-tubemq/tubemq-manager/pom.xml
@@ -35,7 +35,7 @@
<docker.image.prefix>springboot-docker</docker.image.prefix>
<swagger.version>3.0.0</swagger.version>
<swagger-annotations.version>1.6.2</swagger-annotations.version>
- <spring-boot.version>2.6.3</spring-boot.version>
+ <spring-boot.version>2.6.6</spring-boot.version>
<lombok.version>1.18.22</lombok.version>
</properties>
diff --git a/licenses/inlong-tubemq/licenses-server/LICENSE b/licenses/inlong-tubemq/licenses-server/LICENSE
index b142110..ea38bca 100644
--- a/licenses/inlong-tubemq/licenses-server/LICENSE
+++ b/licenses/inlong-tubemq/licenses-server/LICENSE
@@ -233,15 +233,15 @@ Apache License Version 2.0:
log4j 1.2.17: https://mvnrepository.com/artifact/log4j/log4j/1.2.17, Apache 2.0
netty 3.10.6.Final: https://github.com/netty, Apache 2.0
reload4j 1.2.19: https://reload4j.qos.ch, Apache 2.0
- spring-aop 5.3.15: https://github.com/spring-projects/spring-framework, Apache 2.0
- spring-beans 5.3.15: https://github.com/spring-projects/spring-framework, Apache 2.0
- spring-context 5.3.15: https://github.com/spring-projects/spring-framework, Apache 2.0
- spring-core 5.3.15: https://github.com/spring-projects/spring-framework, Apache 2.0
- spring-expression 5.3.15: https://github.com/spring-projects/spring-framework, Apache 2.0
- spring-jcl 5.3.15: https://github.com/spring-projects/spring-framework, Apache 2.0
- spring-jdbc 5.3.15: https://github.com/spring-projects/spring-framework, Apache 2.0
- spring-orm 5.3.15: https://github.com/spring-projects/spring-framework, Apache 2.0
- spring-tx 5.3.15: https://github.com/spring-projects/spring-framework, Apache 2.0
+ spring-aop 5.3.18: https://github.com/spring-projects/spring-framework, Apache 2.0
+ spring-beans 5.3.18: https://github.com/spring-projects/spring-framework, Apache 2.0
+ spring-context 5.3.18: https://github.com/spring-projects/spring-framework, Apache 2.0
+ spring-core 5.3.18: https://github.com/spring-projects/spring-framework, Apache 2.0
+ spring-expression 5.3.18: https://github.com/spring-projects/spring-framework, Apache 2.0
+ spring-jcl 5.3.18: https://github.com/spring-projects/spring-framework, Apache 2.0
+ spring-jdbc 5.3.18: https://github.com/spring-projects/spring-framework, Apache 2.0
+ spring-orm 5.3.18: https://github.com/spring-projects/spring-framework, Apache 2.0
+ spring-tx 5.3.18: https://github.com/spring-projects/spring-framework, Apache 2.0
velocity-engine-core 2.3: https://github.com/apache/velocity-engine, Apache 2.0
velocity-tools-generic 3.1: https://github.com/apache/velocity-tools, Apache 2.0
zookeeper 3.4.14: https://github.com/apache/zookeeper, Apache 2.0
diff --git a/licenses/inlong-tubemq/licenses-server/NOTICE b/licenses/inlong-tubemq/licenses-server/NOTICE
index 94173fe..8dfe52f 100644
--- a/licenses/inlong-tubemq/licenses-server/NOTICE
+++ b/licenses/inlong-tubemq/licenses-server/NOTICE
@@ -1269,7 +1269,7 @@ spring-aop NOTICE
========================================================================
-Spring Framework 5.3.15
+Spring Framework 5.3.18
Copyright (c) 2002-2022 Pivotal, Inc.
This product is licensed to you under the Apache License, Version 2.0
@@ -1289,7 +1289,7 @@ spring-beans NOTICE
========================================================================
-Spring Framework 5.3.15
+Spring Framework 5.3.18
Copyright (c) 2002-2022 Pivotal, Inc.
This product is licensed to you under the Apache License, Version 2.0
@@ -1309,7 +1309,7 @@ spring-context NOTICE
========================================================================
-Spring Framework 5.3.15
+Spring Framework 5.3.18
Copyright (c) 2002-2022 Pivotal, Inc.
This product is licensed to you under the Apache License, Version 2.0
@@ -1329,7 +1329,7 @@ spring-core NOTICE
========================================================================
-Spring Framework 5.3.15
+Spring Framework 5.3.18
Copyright (c) 2002-2022 Pivotal, Inc.
This product is licensed to you under the Apache License, Version 2.0
@@ -1349,7 +1349,7 @@ spring-expression NOTICE
========================================================================
-Spring Framework 5.3.15
+Spring Framework 5.3.18
Copyright (c) 2002-2022 Pivotal, Inc.
This product is licensed to you under the Apache License, Version 2.0
@@ -1369,7 +1369,7 @@ spring-jcl NOTICE
========================================================================
-Spring Framework 5.3.15
+Spring Framework 5.3.18
Copyright (c) 2002-2022 Pivotal, Inc.
This product is licensed to you under the Apache License, Version 2.0
@@ -1389,7 +1389,7 @@ spring-jdbc NOTICE
========================================================================
-Spring Framework 5.3.15
+Spring Framework 5.3.18
Copyright (c) 2002-2022 Pivotal, Inc.
This product is licensed to you under the Apache License, Version 2.0
@@ -1409,7 +1409,7 @@ spring-orm NOTICE
========================================================================
-Spring Framework 5.3.15
+Spring Framework 5.3.18
Copyright (c) 2002-2022 Pivotal, Inc.
This product is licensed to you under the Apache License, Version 2.0
@@ -1429,7 +1429,7 @@ spring-tx NOTICE
========================================================================
-Spring Framework 5.3.15
+Spring Framework 5.3.18
Copyright (c) 2002-2022 Pivotal, Inc.
This product is licensed to you under the Apache License, Version 2.0