You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@drill.apache.org by lu...@apache.org on 2021/08/04 11:51:00 UTC
[drill] branch master updated: Bump commons-compress from 1.20 to
1.21 for CVE-2021-36090
This is an automated email from the ASF dual-hosted git repository.
luoc pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/drill.git
The following commit(s) were added to refs/heads/master by this push:
new 1c31f5c Bump commons-compress from 1.20 to 1.21 for CVE-2021-36090
1c31f5c is described below
commit 1c31f5cefb45f5d054244045c22c2c16b8383d40
Author: luoc <lu...@apache.org>
AuthorDate: Wed Aug 4 13:16:47 2021 +0800
Bump commons-compress from 1.20 to 1.21 for CVE-2021-36090
---
exec/jdbc-all/pom.xml | 4 ++++
pom.xml | 2 +-
2 files changed, 5 insertions(+), 1 deletion(-)
diff --git a/exec/jdbc-all/pom.xml b/exec/jdbc-all/pom.xml
index 73c34ca..7506d94 100644
--- a/exec/jdbc-all/pom.xml
+++ b/exec/jdbc-all/pom.xml
@@ -180,6 +180,10 @@
<groupId>org.owasp.encoder</groupId>
<artifactId>encoder</artifactId>
</exclusion>
+ <exclusion>
+ <groupId>org.apache.commons</groupId>
+ <artifactId>commons-compress</artifactId>
+ </exclusion>
</exclusions>
</dependency>
<dependency>
diff --git a/pom.xml b/pom.xml
index f5767f4..4d02592 100644
--- a/pom.xml
+++ b/pom.xml
@@ -114,7 +114,7 @@
<javax.el.version>3.0.0</javax.el.version>
<surefire.version>3.0.0-M5</surefire.version>
<jna.version>5.8.0</jna.version>
- <commons.compress.version>1.20</commons.compress.version>
+ <commons.compress.version>1.21</commons.compress.version>
<hikari.version>4.0.3</hikari.version>
<netty.version>4.1.59.Final</netty.version>
<httpclient.version>4.5.13</httpclient.version>