You are viewing a plain text version of this content. The canonical link for it is here.
Posted to common-commits@hadoop.apache.org by st...@apache.org on 2022/07/27 14:17:45 UTC
[hadoop] branch branch-3.3.4 updated: HADOOP-18354. Upgrade reload4j to 1.22.2 due to XXE vulnerability (#4607).
This is an automated email from the ASF dual-hosted git repository.
stevel pushed a commit to branch branch-3.3.4
in repository https://gitbox.apache.org/repos/asf/hadoop.git
The following commit(s) were added to refs/heads/branch-3.3.4 by this push:
new 897be3a619d HADOOP-18354. Upgrade reload4j to 1.22.2 due to XXE vulnerability (#4607).
897be3a619d is described below
commit 897be3a619d0c56e10c451fb833c01cb31d50c87
Author: PJ Fanning <pj...@users.noreply.github.com>
AuthorDate: Sun Jul 24 11:31:47 2022 +0100
HADOOP-18354. Upgrade reload4j to 1.22.2 due to XXE vulnerability (#4607).
Contributed by PJ Fanning.
Signed-off-by: Ayush Saxena <ay...@apache.org>
---
LICENSE-binary | 2 +-
hadoop-project/pom.xml | 2 +-
2 files changed, 2 insertions(+), 2 deletions(-)
diff --git a/LICENSE-binary b/LICENSE-binary
index 92ae2579b04..f36b8ca2030 100644
--- a/LICENSE-binary
+++ b/LICENSE-binary
@@ -208,7 +208,7 @@ License Version 2.0:
hadoop-hdfs-project/hadoop-hdfs/src/main/java/org/apache/hadoop/hdfs/server/datanode/checker/AbstractFuture.java
hadoop-hdfs-project/hadoop-hdfs/src/main/java/org/apache/hadoop/hdfs/server/datanode/checker/TimeoutFuture.java
-ch.qos.reload4j:reload4j:1.2.18.3
+ch.qos.reload4j:reload4j:1.2.22
com.aliyun:aliyun-java-sdk-core:3.4.0
com.aliyun:aliyun-java-sdk-ecs:4.2.0
com.aliyun:aliyun-java-sdk-ram:3.0.0
diff --git a/hadoop-project/pom.xml b/hadoop-project/pom.xml
index c5e21508c51..dde1e649732 100644
--- a/hadoop-project/pom.xml
+++ b/hadoop-project/pom.xml
@@ -79,7 +79,7 @@
<!-- SLF4J/LOG4J version -->
<slf4j.version>1.7.36</slf4j.version>
- <reload4j.version>1.2.18.3</reload4j.version>
+ <reload4j.version>1.2.22</reload4j.version>
<!-- com.google.re2j version -->
<re2j.version>1.1</re2j.version>
---------------------------------------------------------------------
To unsubscribe, e-mail: common-commits-unsubscribe@hadoop.apache.org
For additional commands, e-mail: common-commits-help@hadoop.apache.org