You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@pulsar.apache.org by zh...@apache.org on 2023/02/28 09:30:48 UTC
[pulsar] 02/02: [fix][sec] Upgrade scala-library to get rid of CVE-2022-36944 (#18021)
This is an automated email from the ASF dual-hosted git repository.
zhaocong pushed a commit to branch branch-2.9
in repository https://gitbox.apache.org/repos/asf/pulsar.git
commit be3bc7ee96148333ab3c51f821a2417fe0115b51
Author: Nicolò Boschi <bo...@gmail.com>
AuthorDate: Thu Dec 15 18:42:56 2022 +0800
[fix][sec] Upgrade scala-library to get rid of CVE-2022-36944 (#18021)
(cherry picked from commit 3011946a5c3b64ed7c08b6bfb1f6492f8aaaca9c)
---
pom.xml | 14 +++++++++++++-
1 file changed, 13 insertions(+), 1 deletion(-)
diff --git a/pom.xml b/pom.xml
index 3d27afe22c3..9543ada7260 100644
--- a/pom.xml
+++ b/pom.xml
@@ -157,7 +157,7 @@ flexible messaging model and an intuitive client API.</description>
<elasticsearch.version>7.9.1</elasticsearch.version>
<presto.version>332</presto.version>
<scala.binary.version>2.13</scala.binary.version>
- <scala-library.version>2.13.6</scala-library.version>
+ <scala-library.version>2.13.10</scala-library.version>
<debezium.version>1.7.1.Final</debezium.version>
<debezium.postgresql.version>42.4.1</debezium.postgresql.version>
<jsonwebtoken.version>0.11.1</jsonwebtoken.version>
@@ -1276,6 +1276,18 @@ flexible messaging model and an intuitive client API.</description>
<version>${snakeyaml.version}</version>
</dependency>
+ <dependency>
+ <groupId>org.scala-lang</groupId>
+ <artifactId>scala-library</artifactId>
+ <version>${scala-library.version}</version>
+ </dependency>
+
+ <dependency>
+ <groupId>org.scala-lang</groupId>
+ <artifactId>scala-reflect</artifactId>
+ <version>${scala-library.version}</version>
+ </dependency>
+
</dependencies>
</dependencyManagement>