You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@iotdb.apache.org by ha...@apache.org on 2021/12/28 01:17:24 UTC
[iotdb] 01/01: [IOTDB-2209] Fix logback CVE-2021-42550 issue
This is an automated email from the ASF dual-hosted git repository.
haonan pushed a commit to branch IOTDB2209
in repository https://gitbox.apache.org/repos/asf/iotdb.git
commit 3e6e0373be82e60dc8be72fed7e6525e8262f4eb
Author: HTHou <hh...@outlook.com>
AuthorDate: Tue Dec 28 09:16:26 2021 +0800
[IOTDB-2209] Fix logback CVE-2021-42550 issue
---
LICENSE-binary | 4 ++--
pom.xml | 2 +-
2 files changed, 3 insertions(+), 3 deletions(-)
diff --git a/LICENSE-binary b/LICENSE-binary
index de449d9..9845489 100644
--- a/LICENSE-binary
+++ b/LICENSE-binary
@@ -290,8 +290,8 @@ org.slf4j:jcl-over-slf4j:1.7.25
EPL 1.0
------------
com.h2database:h2-mvstore:1.4.199
-ch.qos.logback:logback-classic:1.2.3
-ch.qos.logback:logback-core:1.2.3
+ch.qos.logback:logback-classic:1.2.10
+ch.qos.logback:logback-core:1.2.10
CDDL 1.1
diff --git a/pom.xml b/pom.xml
index 5396f9c..ed8ad9b 100644
--- a/pom.xml
+++ b/pom.xml
@@ -120,7 +120,7 @@
<hive2.version>2.3.6</hive2.version>
<junit.version>4.13.2</junit.version>
<slf4j.version>1.7.12</slf4j.version>
- <logback.version>1.2.3</logback.version>
+ <logback.version>1.2.10</logback.version>
<joda.version>2.9.9</joda.version>
<spark.version>2.4.3</spark.version>
<flink.version>1.14.0</flink.version>