You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@bookkeeper.apache.org by yo...@apache.org on 2021/10/26 01:18:10 UTC
[bookkeeper] 07/11: Upgraded dependencies with CVEs (#2792)
This is an automated email from the ASF dual-hosted git repository.
yong pushed a commit to branch branch-4.14
in repository https://gitbox.apache.org/repos/asf/bookkeeper.git
commit 911c2e9f51301a9c87689b12065ef259b0655bf0
Author: Raúl Gracia <ra...@emc.com>
AuthorDate: Wed Oct 13 17:51:57 2021 +0200
Upgraded dependencies with CVEs (#2792)
(cherry picked from commit 354cf37c919d756a47691cc710a6e8d2f1933f2b)
---
bookkeeper-dist/all/build.gradle | 2 +-
bookkeeper-dist/bkctl/build.gradle | 2 +-
bookkeeper-dist/server/build.gradle | 2 +-
bookkeeper-dist/src/assemble/bin-all.xml | 2 +-
bookkeeper-dist/src/assemble/bin-server.xml | 2 +-
bookkeeper-dist/src/assemble/bkctl.xml | 2 +-
.../src/main/resources/LICENSE-all.bin.txt | 25 +++++++++++-----------
.../src/main/resources/LICENSE-bkctl.bin.txt | 10 ++++-----
.../src/main/resources/LICENSE-server.bin.txt | 25 +++++++++++-----------
.../src/main/resources/NOTICE-all.bin.txt | 15 +++++++------
.../src/main/resources/NOTICE-server.bin.txt | 15 +++++++------
.../{slf4j-1.7.25 => slf4j-1.7.32}/LICENSE.txt | 0
dependencies.gradle | 8 +++----
pom.xml | 6 +++---
14 files changed, 60 insertions(+), 56 deletions(-)
diff --git a/bookkeeper-dist/all/build.gradle b/bookkeeper-dist/all/build.gradle
index 9252105..54f44d3 100644
--- a/bookkeeper-dist/all/build.gradle
+++ b/bookkeeper-dist/all/build.gradle
@@ -71,7 +71,7 @@ def depLicences = [
"scala-library-2.11.7/LICENSE.md",
"scala-parser-combinators_2.11-1.0.4/LICENSE.md",
"scala-reflect-2.11.8/LICENSE.md",
- "slf4j-1.7.25/LICENSE.txt",
+ "slf4j-1.7.32/LICENSE.txt",
]
distributions {
diff --git a/bookkeeper-dist/bkctl/build.gradle b/bookkeeper-dist/bkctl/build.gradle
index 23605ca..d31e3de 100644
--- a/bookkeeper-dist/bkctl/build.gradle
+++ b/bookkeeper-dist/bkctl/build.gradle
@@ -40,7 +40,7 @@ def depLicences = [
"bouncycastle-1.0.2/LICENSE.html",
"protobuf-3.14.0/LICENSE",
"protobuf-3.12.0/LICENSE",
- "slf4j-1.7.25/LICENSE.txt",
+ "slf4j-1.7.32/LICENSE.txt",
]
distributions {
diff --git a/bookkeeper-dist/server/build.gradle b/bookkeeper-dist/server/build.gradle
index 6b32e3d..ccdbb7f 100644
--- a/bookkeeper-dist/server/build.gradle
+++ b/bookkeeper-dist/server/build.gradle
@@ -64,7 +64,7 @@ def depLicences = [
"bouncycastle-1.0.2/LICENSE.html",
"protobuf-3.14.0/LICENSE",
"protobuf-3.12.0/LICENSE",
- "slf4j-1.7.25/LICENSE.txt",
+ "slf4j-1.7.32/LICENSE.txt",
]
distributions {
main {
diff --git a/bookkeeper-dist/src/assemble/bin-all.xml b/bookkeeper-dist/src/assemble/bin-all.xml
index af03d6d..24a242f 100644
--- a/bookkeeper-dist/src/assemble/bin-all.xml
+++ b/bookkeeper-dist/src/assemble/bin-all.xml
@@ -66,7 +66,7 @@
<include>scala-library-2.11.7/LICENSE.md</include>
<include>scala-parser-combinators_2.11-1.0.4/LICENSE.md</include>
<include>scala-reflect-2.11.8/LICENSE.md</include>
- <include>slf4j-1.7.25/LICENSE.txt</include>
+ <include>slf4j-1.7.32/LICENSE.txt</include>
</includes>
<fileMode>644</fileMode>
</fileSet>
diff --git a/bookkeeper-dist/src/assemble/bin-server.xml b/bookkeeper-dist/src/assemble/bin-server.xml
index 3e39afb..7157f39 100644
--- a/bookkeeper-dist/src/assemble/bin-server.xml
+++ b/bookkeeper-dist/src/assemble/bin-server.xml
@@ -56,7 +56,7 @@
<include>bouncycastle-1.0.2/LICENSE.html</include>
<include>protobuf-3.14.0/LICENSE</include>
<include>protobuf-3.12.0/LICENSE</include>
- <include>slf4j-1.7.25/LICENSE.txt</include>
+ <include>slf4j-1.7.32/LICENSE.txt</include>
</includes>
<fileMode>644</fileMode>
</fileSet>
diff --git a/bookkeeper-dist/src/assemble/bkctl.xml b/bookkeeper-dist/src/assemble/bkctl.xml
index 5e67dd3..73fffc5 100644
--- a/bookkeeper-dist/src/assemble/bkctl.xml
+++ b/bookkeeper-dist/src/assemble/bkctl.xml
@@ -70,7 +70,7 @@
<include>bouncycastle-1.0.2/LICENSE.html</include>
<include>protobuf-3.14.0/LICENSE</include>
<include>protobuf-3.12.0/LICENSE</include>
- <include>slf4j-1.7.25/LICENSE.txt</include>
+ <include>slf4j-1.7.32/LICENSE.txt</include>
</includes>
<fileMode>644</fileMode>
</fileSet>
diff --git a/bookkeeper-dist/src/main/resources/LICENSE-all.bin.txt b/bookkeeper-dist/src/main/resources/LICENSE-all.bin.txt
index 1100a4f..104bd44 100644
--- a/bookkeeper-dist/src/main/resources/LICENSE-all.bin.txt
+++ b/bookkeeper-dist/src/main/resources/LICENSE-all.bin.txt
@@ -214,7 +214,7 @@ Apache Software License, Version 2.
- lib/commons-cli-commons-cli-1.2.jar [5]
- lib/commons-codec-commons-codec-1.6.jar [6]
- lib/commons-configuration-commons-configuration-1.10.jar [7]
-- lib/commons-io-commons-io-2.4.jar [8]
+- lib/commons-io-commons-io-2.7.jar [8]
- lib/commons-lang-commons-lang-2.6.jar [9]
- lib/commons-logging-commons-logging-1.1.1.jar [10]
- lib/io.netty-netty-buffer-4.1.63.Final.jar [11]
@@ -248,12 +248,13 @@ Apache Software License, Version 2.
- lib/org.apache.zookeeper-zookeeper-3.6.2.jar [21]
- lib/org.apache.zookeeper-zookeeper-jute-3.6.2.jar [21]
- lib/org.apache.zookeeper-zookeeper-3.6.2-tests.jar [21]
-- lib/org.eclipse.jetty-jetty-http-9.4.33.v20201020.jar [22]
-- lib/org.eclipse.jetty-jetty-io-9.4.33.v20201020.jar [22]
-- lib/org.eclipse.jetty-jetty-security-9.4.33.v20201020.jar [22]
-- lib/org.eclipse.jetty-jetty-server-9.4.33.v20201020.jar [22]
-- lib/org.eclipse.jetty-jetty-servlet-9.4.33.v20201020.jar [22]
-- lib/org.eclipse.jetty-jetty-util-9.4.33.v20201020.jar [22]
+- lib/org.eclipse.jetty-jetty-http-9.4.43.v20210629.jar [22]
+- lib/org.eclipse.jetty-jetty-io-9.4.43.v20210629.jar [22]
+- lib/org.eclipse.jetty-jetty-security-9.4.43.v20210629.jar [22]
+- lib/org.eclipse.jetty-jetty-server-9.4.43.v20210629.jar [22]
+- lib/org.eclipse.jetty-jetty-servlet-9.4.43.v20210629.jar [22]
+- lib/org.eclipse.jetty-jetty-util-9.4.43.v20210629.jar [22]
+- lib/org.eclipse.jetty-jetty-util-ajax-9.4.43.v20210629.jar [22]
- lib/org.rocksdb-rocksdbjni-6.16.4.jar [23]
- lib/com.beust-jcommander-1.78.jar [24]
- lib/com.yahoo.datasketches-memory-0.8.3.jar [25]
@@ -322,7 +323,7 @@ Apache Software License, Version 2.
[19] Source available at https://git-wip-us.apache.org/repos/asf?p=commons-collections.git;a=tag;h=a3a5ad
[20] Source available at https://git-wip-us.apache.org/repos/asf?p=commons-lang.git;a=shortlog;h=refs/tags/LANG_3_6
[21] Source available at https://github.com/apache/zookeeper/tree/release-3.6.2
-[22] Source available at https://github.com/eclipse/jetty.project/tree/jetty-9.4.33.v20201020
+[22] Source available at https://github.com/eclipse/jetty.project/tree/jetty-9.4.43.v20210629
[23] Source available at https://github.com/facebook/rocksdb/tree/v6.16.4
[24] Source available at https://github.com/cbeust/jcommander/tree/1.78
[25] Source available at https://github.com/DataSketches/sketches-core/tree/sketches-0.8.3
@@ -634,12 +635,12 @@ Bundled as lib/javax.servlet-javax.servlet-api-4.0.0.jar
Source available at https://github.com/javaee/servlet-spec/tree/4.0.0
------------------------------------------------------------------------------------
This product bundles Simple Logging Facade for Java, which is available under a
-MIT license. For details, see deps/slf4j-1.7.25/LICENSE.txt.
+MIT license. For details, see deps/slf4j-1.7.32/LICENSE.txt.
Bundled as
- - lib/org.slf4j-slf4j-api-1.7.25.jar
- - lib/org.slf4j-slf4j-log4j12-1.7.25.jar
-Source available at https://github.com/qos-ch/slf4j/tree/v_1.7.25
+ - lib/org.slf4j-slf4j-api-1.7.32.jar
+ - lib/org.slf4j-slf4j-log4j12-1.7.32.jar
+Source available at https://github.com/qos-ch/slf4j/tree/v_1.7.32
------------------------------------------------------------------------------------
This product bundles the Google Auth Library, which is available under a "3-clause BSD"
license. For details, see deps/google-auth-library-credentials-0.20.0/LICENSE
diff --git a/bookkeeper-dist/src/main/resources/LICENSE-bkctl.bin.txt b/bookkeeper-dist/src/main/resources/LICENSE-bkctl.bin.txt
index 5a89cab..7189cc0 100644
--- a/bookkeeper-dist/src/main/resources/LICENSE-bkctl.bin.txt
+++ b/bookkeeper-dist/src/main/resources/LICENSE-bkctl.bin.txt
@@ -214,7 +214,7 @@ Apache Software License, Version 2.
- lib/commons-cli-commons-cli-1.2.jar [5]
- lib/commons-codec-commons-codec-1.6.jar [6]
- lib/commons-configuration-commons-configuration-1.10.jar [7]
-- lib/commons-io-commons-io-2.4.jar [8]
+- lib/commons-io-commons-io-2.7.jar [8]
- lib/commons-lang-commons-lang-2.6.jar [9]
- lib/commons-logging-commons-logging-1.1.1.jar [10]
- lib/io.netty-netty-buffer-4.1.63.Final.jar [11]
@@ -561,12 +561,12 @@ Source available at https://github.com/protocolbuffers/protobuf/tree/v3.12.0
For details, see deps/protobuf-3.12.0/LICENSE.
------------------------------------------------------------------------------------
This product bundles Simple Logging Facade for Java, which is available under a
-MIT license. For details, see deps/slf4j-1.7.25/LICENSE.txt.
+MIT license. For details, see deps/slf4j-1.7.32/LICENSE.txt.
Bundled as
- - lib/org.slf4j-slf4j-api-1.7.25.jar
- - lib/org.slf4j-slf4j-log4j12-1.7.25.jar
-Source available at https://github.com/qos-ch/slf4j/tree/v_1.7.25
+ - lib/org.slf4j-slf4j-api-1.7.32.jar
+ - lib/org.slf4j-slf4j-log4j12-1.7.32.jar
+Source available at https://github.com/qos-ch/slf4j/tree/v_1.7.32
------------------------------------------------------------------------------------
This product bundles the Google Auth Library, which is available under a "3-clause BSD"
license. For details, see deps/google-auth-library-credentials-0.20.0/LICENSE
diff --git a/bookkeeper-dist/src/main/resources/LICENSE-server.bin.txt b/bookkeeper-dist/src/main/resources/LICENSE-server.bin.txt
index e2474f7..290d937 100644
--- a/bookkeeper-dist/src/main/resources/LICENSE-server.bin.txt
+++ b/bookkeeper-dist/src/main/resources/LICENSE-server.bin.txt
@@ -214,7 +214,7 @@ Apache Software License, Version 2.
- lib/commons-cli-commons-cli-1.2.jar [5]
- lib/commons-codec-commons-codec-1.6.jar [6]
- lib/commons-configuration-commons-configuration-1.10.jar [7]
-- lib/commons-io-commons-io-2.4.jar [8]
+- lib/commons-io-commons-io-2.7.jar [8]
- lib/commons-lang-commons-lang-2.6.jar [9]
- lib/commons-logging-commons-logging-1.1.1.jar [10]
- lib/io.netty-netty-buffer-4.1.63.Final.jar [11]
@@ -248,12 +248,13 @@ Apache Software License, Version 2.
- lib/org.apache.zookeeper-zookeeper-3.6.2.jar [21]
- lib/org.apache.zookeeper-zookeeper-jute-3.6.2.jar [21]
- lib/org.apache.zookeeper-zookeeper-3.6.2-tests.jar [21]
-- lib/org.eclipse.jetty-jetty-http-9.4.33.v20201020.jar [22]
-- lib/org.eclipse.jetty-jetty-io-9.4.33.v20201020.jar [22]
-- lib/org.eclipse.jetty-jetty-security-9.4.33.v20201020.jar [22]
-- lib/org.eclipse.jetty-jetty-server-9.4.33.v20201020.jar [22]
-- lib/org.eclipse.jetty-jetty-servlet-9.4.33.v20201020.jar [22]
-- lib/org.eclipse.jetty-jetty-util-9.4.33.v20201020.jar [22]
+- lib/org.eclipse.jetty-jetty-http-9.4.43.v20210629.jar [22]
+- lib/org.eclipse.jetty-jetty-io-9.4.43.v20210629.jar [22]
+- lib/org.eclipse.jetty-jetty-security-9.4.43.v20210629.jar [22]
+- lib/org.eclipse.jetty-jetty-server-9.4.43.v20210629.jar [22]
+- lib/org.eclipse.jetty-jetty-servlet-9.4.43.v20210629.jar [22]
+- lib/org.eclipse.jetty-jetty-util-9.4.43.v20210629.jar [22]
+- lib/org.eclipse.jetty-jetty-util-ajax-9.4.43.v20210629.jar [22]
- lib/org.rocksdb-rocksdbjni-6.16.4.jar [23]
- lib/com.beust-jcommander-1.78.jar [24]
- lib/com.yahoo.datasketches-memory-0.8.3.jar [25]
@@ -320,7 +321,7 @@ Apache Software License, Version 2.
[19] Source available at https://git-wip-us.apache.org/repos/asf?p=commons-collections.git;a=tag;h=a3a5ad
[20] Source available at https://git-wip-us.apache.org/repos/asf?p=commons-lang.git;a=shortlog;h=refs/tags/LANG_3_6
[21] Source available at https://github.com/apache/zookeeper/tree/release-3.6.2
-[22] Source available at https://github.com/eclipse/jetty.project/tree/jetty-9.4.33.v20201020
+[22] Source available at https://github.com/eclipse/jetty.project/tree/jetty-9.4.43.v20210629
[23] Source available at https://github.com/facebook/rocksdb/tree/v6.16.4
[24] Source available at https://github.com/cbeust/jcommander/tree/1.78
[25] Source available at https://github.com/DataSketches/sketches-core/tree/sketches-0.8.3
@@ -626,12 +627,12 @@ Bundled as lib/javax.servlet-javax.servlet-api-4.0.0.jar
Source available at https://github.com/javaee/servlet-spec/tree/4.0.0
------------------------------------------------------------------------------------
This product bundles Simple Logging Facade for Java, which is available under a
-MIT license. For details, see deps/slf4j-1.7.25/LICENSE.txt.
+MIT license. For details, see deps/slf4j-1.7.32/LICENSE.txt.
Bundled as
- - lib/org.slf4j-slf4j-api-1.7.25.jar
- - lib/org.slf4j-slf4j-log4j12-1.7.25.jar
-Source available at https://github.com/qos-ch/slf4j/tree/v_1.7.25
+ - lib/org.slf4j-slf4j-api-1.7.32.jar
+ - lib/org.slf4j-slf4j-log4j12-1.7.32.jar
+Source available at https://github.com/qos-ch/slf4j/tree/v_1.7.32
------------------------------------------------------------------------------------
This product bundles the Google Auth Library, which is available under a "3-clause BSD"
license. For details, see deps/google-auth-library-credentials-0.20.0/LICENSE
diff --git a/bookkeeper-dist/src/main/resources/NOTICE-all.bin.txt b/bookkeeper-dist/src/main/resources/NOTICE-all.bin.txt
index cefcd83..043c371 100644
--- a/bookkeeper-dist/src/main/resources/NOTICE-all.bin.txt
+++ b/bookkeeper-dist/src/main/resources/NOTICE-all.bin.txt
@@ -78,12 +78,13 @@ SoundCloud Ltd. (http://soundcloud.com/).
This product includes software developed as part of the
Ocelli project by Netflix Inc. (https://github.com/Netflix/ocelli/).
------------------------------------------------------------------------------------
-- lib/org.eclipse.jetty-jetty-http-9.4.33.v20201020.jar
-- lib/org.eclipse.jetty-jetty-io-9.4.33.v20201020.jar
-- lib/org.eclipse.jetty-jetty-security-9.4.33.v20201020.jar
-- lib/org.eclipse.jetty-jetty-server-9.4.33.v20201020.jar
-- lib/org.eclipse.jetty-jetty-servlet-9.4.33.v20201020.jar
-- lib/org.eclipse.jetty-jetty-util-9.4.33.v20201020.jar
+- lib/org.eclipse.jetty-jetty-http-9.4.43.v20210629.jar
+- lib/org.eclipse.jetty-jetty-io-9.4.43.v20210629.jar
+- lib/org.eclipse.jetty-jetty-security-9.4.43.v20210629jar
+- lib/org.eclipse.jetty-jetty-server-9.4.43.v20210629.jar
+- lib/org.eclipse.jetty-jetty-servlet-9.4.43.v20210629.jar
+- lib/org.eclipse.jetty-jetty-util-9.4.43.v20210629.jar
+- lib/org.eclipse.jetty-jetty-util-ajax-9.4.43.v20210629.jar
==============================================================
Jetty Web Container
@@ -105,7 +106,7 @@ Jetty is dual licensed under both
Jetty may be distributed under either license.
-lib/org.eclipse.jetty-jetty-util-9.4.33.v20201020.jar bundles UnixCrypt
+lib/org.eclipse.jetty-jetty-util-9.4.43.v20210629.jar bundles UnixCrypt
The UnixCrypt.java code implements the one way cryptography used by
Unix systems for simple password protection. Copyright 1996 Aki Yoshida,
diff --git a/bookkeeper-dist/src/main/resources/NOTICE-server.bin.txt b/bookkeeper-dist/src/main/resources/NOTICE-server.bin.txt
index 962bd11..0ede3b7 100644
--- a/bookkeeper-dist/src/main/resources/NOTICE-server.bin.txt
+++ b/bookkeeper-dist/src/main/resources/NOTICE-server.bin.txt
@@ -61,12 +61,13 @@ SoundCloud Ltd. (http://soundcloud.com/).
This product includes software developed as part of the
Ocelli project by Netflix Inc. (https://github.com/Netflix/ocelli/).
------------------------------------------------------------------------------------
-- lib/org.eclipse.jetty-jetty-http-9.4.33.v20201020.jar
-- lib/org.eclipse.jetty-jetty-io-9.4.33.v20201020.jar
-- lib/org.eclipse.jetty-jetty-security-9.4.33.v20201020.jar
-- lib/org.eclipse.jetty-jetty-server-9.4.33.v20201020.jar
-- lib/org.eclipse.jetty-jetty-servlet-9.4.33.v20201020.jar
-- lib/org.eclipse.jetty-jetty-util-9.4.33.v20201020.jar
+- lib/org.eclipse.jetty-jetty-http-9.4.43.v20210629.jar
+- lib/org.eclipse.jetty-jetty-io-9.4.43.v20210629.jar
+- lib/org.eclipse.jetty-jetty-security-9.4.43.v20210629.jar
+- lib/org.eclipse.jetty-jetty-server-9.4.43.v20210629.jar
+- lib/org.eclipse.jetty-jetty-servlet-9.4.43.v20210629.jar
+- lib/org.eclipse.jetty-jetty-util-9.4.43.v20210629.jar
+- lib/org.eclipse.jetty-jetty-util-ajax-9.4.43.v20210629.jar
==============================================================
Jetty Web Container
@@ -88,7 +89,7 @@ Jetty is dual licensed under both
Jetty may be distributed under either license.
-lib/org.eclipse.jetty-jetty-util-9.4.33.v20201020.jar bundles UnixCrypt
+lib/org.eclipse.jetty-jetty-util-9.4.43.v20210629.jar bundles UnixCrypt
The UnixCrypt.java code implements the one way cryptography used by
Unix systems for simple password protection. Copyright 1996 Aki Yoshida,
diff --git a/bookkeeper-dist/src/main/resources/deps/slf4j-1.7.25/LICENSE.txt b/bookkeeper-dist/src/main/resources/deps/slf4j-1.7.32/LICENSE.txt
similarity index 100%
rename from bookkeeper-dist/src/main/resources/deps/slf4j-1.7.25/LICENSE.txt
rename to bookkeeper-dist/src/main/resources/deps/slf4j-1.7.32/LICENSE.txt
diff --git a/dependencies.gradle b/dependencies.gradle
index b0861df..1e12e79 100644
--- a/dependencies.gradle
+++ b/dependencies.gradle
@@ -25,13 +25,13 @@ depVersions = [
arquillianCubeDocker: "1.18.2",
arquillianJunit: "1.6.0.Final",
bcFips: "1.0.2",
- bouncycastle: "1.56",
+ bouncycastle: "1.69",
commonsCli: "1.4",
commonsCodec: "1.14",
commonsCollections4: "4.1",
commonsCompress: "1.19",
commonsConfiguration: "1.10",
- commonsIO: "2.4",
+ commonsIO: "2.7",
commonsLang2: "2.6",
commonsLang3: "3.6",
commonsBeanutils: "1.9.3",
@@ -50,7 +50,7 @@ depVersions = [
jackson: "2.11.1",
jcommander: "1.78",
jctools: "2.1.2",
- jetty: "9.4.31.v20200723",
+ jetty: "9.4.43.v20210629",
jmh: "1.19",
jmock: "2.8.2",
jna: "3.2.7",
@@ -58,7 +58,7 @@ depVersions = [
junit: "4.12",
junitFoundation: "11.0.0",
kerby: "1.1.1",
- log4j: "1.2.17",
+ log4j: "1.2.27",
lombok: "1.18.20",
lz4: "1.3.0",
mockito: "3.0.0",
diff --git a/pom.xml b/pom.xml
index de52ae6..a1cd50f 100644
--- a/pom.xml
+++ b/pom.xml
@@ -122,7 +122,7 @@
<commons-compress.version>1.19</commons-compress.version>
<commons-lang.version>2.6</commons-lang.version>
<commons-lang3.version>3.6</commons-lang3.version>
- <commons-io.version>2.4</commons-io.version>
+ <commons-io.version>2.7</commons-io.version>
<bouncycastle.version>1.0.2</bouncycastle.version>
<curator.version>5.1.0</curator.version>
<dropwizard.version>3.2.5</dropwizard.version>
@@ -138,7 +138,7 @@
<hdrhistogram.version>2.1.10</hdrhistogram.version>
<jackson.version>2.11.0</jackson.version>
<jcommander.version>1.78</jcommander.version>
- <jetty.version>9.4.33.v20201020</jetty.version>
+ <jetty.version>9.4.43.v20210629</jetty.version>
<jmh.version>1.19</jmh.version>
<jmock.version>2.8.2</jmock.version>
<jna.version>3.2.7</jna.version>
@@ -160,7 +160,7 @@
<reflections.version>0.9.11</reflections.version>
<rocksdb.version>6.16.4</rocksdb.version>
<shrinkwrap.version>3.0.1</shrinkwrap.version>
- <slf4j.version>1.7.25</slf4j.version>
+ <slf4j.version>1.7.32</slf4j.version>
<snakeyaml.version>1.19</snakeyaml.version>
<spotbugs-annotations.version>3.1.8</spotbugs-annotations.version>
<javax-annotations-api.version>1.3.2</javax-annotations-api.version>