You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@impala.apache.org by ar...@apache.org on 2022/10/06 00:19:05 UTC
[impala] 01/02: IMPALA-11639: Upgrade Spring framework to 5.3.20
This is an automated email from the ASF dual-hosted git repository.
arawat pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/impala.git
commit 010f1b943c57178b26b86361cefe5a4f4273714d
Author: wzhou-code <wz...@cloudera.com>
AuthorDate: Tue Oct 4 12:33:30 2022 -0700
IMPALA-11639: Upgrade Spring framework to 5.3.20
This patch upgrade the Spring framework to 5.3.20 to
address multiple CVEs:
- CVE-2022-22971
- CVE-2022-22968
- CVE-2022-22970
Testing:
- Ran core job
- Ran custom cluster tests in exhaustive mode
Change-Id: I33f4f1d22fc27227e31d744658a17c16b61b9677
Reviewed-on: http://gerrit.cloudera.org:8080/19091
Reviewed-by: Joe McDonnell <jo...@cloudera.com>
Tested-by: Impala Public Jenkins <im...@cloudera.com>
---
java/pom.xml | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/java/pom.xml b/java/pom.xml
index 5e0e6356a..d3d49ff91 100644
--- a/java/pom.xml
+++ b/java/pom.xml
@@ -74,7 +74,7 @@ under the License.
but bcprov-jdk15on matches the versions from pac4j 4.5.5. -->
<xmlsec.version>2.2.3</xmlsec.version>
<bcprov-jdk15on.version>1.68</bcprov-jdk15on.version>
- <springframework.version>5.3.18</springframework.version>
+ <springframework.version>5.3.20</springframework.version>
<json-smart.version>2.4.7</json-smart.version>
</properties>