You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@avro.apache.org by ie...@apache.org on 2019/02/06 08:40:16 UTC
[avro] branch master updated: [AVRO-2314] Bump protobuf to 3.6.1
This is an automated email from the ASF dual-hosted git repository.
iemejia pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/avro.git
The following commit(s) were added to refs/heads/master by this push:
new 6b5963d [AVRO-2314] Bump protobuf to 3.6.1
6b5963d is described below
commit 6b5963d64e8c339c5266b6b14c707ea9cb10f8fa
Author: Fokko Driesprong <fo...@godatadriven.com>
AuthorDate: Tue Feb 5 23:38:51 2019 +0100
[AVRO-2314] Bump protobuf to 3.6.1
There is an outstanding CVE on 3.4.0+
https://ossindex.sonatype.org/vuln/d47d20ab-eb2a-4cfd-8064-bbf6283649cb
---
lang/java/pom.xml | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/lang/java/pom.xml b/lang/java/pom.xml
index 4f5b600..28d1fe6 100644
--- a/lang/java/pom.xml
+++ b/lang/java/pom.xml
@@ -44,7 +44,7 @@
<jopt-simple.version>5.0.4</jopt-simple.version>
<junit.version>4.12</junit.version>
<netty.version>3.10.6.Final</netty.version>
- <protobuf.version>2.6.1</protobuf.version>
+ <protobuf.version>3.6.1</protobuf.version>
<thrift.version>0.11.0</thrift.version>
<slf4j.version>1.7.25</slf4j.version>
<snappy.version>1.1.7.2</snappy.version>