You are viewing a plain text version of this content. The canonical link for it is here.

Posted to commits@ranger.apache.org by pr...@apache.org on 2023/05/15 08:55:30 UTC

[ranger] branch master updated (54a2cd0a4 -> 576cb642a)

This is an automated email from the ASF dual-hosted git repository.

pradeep pushed a change to branch master
in repository https://gitbox.apache.org/repos/asf/ranger.git


    from 54a2cd0a4 RANGER-4235: security-zone persistence optimized to avoid creation of unnecessary ref table entries
     new dd6954457 RANGER-4226: Upgrade Nimbus-JOSE-JWT and bcpkix-jdk15
     new 576cb642a RANGER-4232: Upgrade Spring Security to 5.7.8

The 2 revisions listed above as "new" are entirely new to this
repository and will be described in separate emails.  The revisions
listed as "add" were already present in the repository and have only
been added to this reference.


Summary of changes:
 distro/src/main/assembly/admin-web.xml |  2 +-
 plugin-ozone/pom.xml                   |  9 +++++++++
 pom.xml                                | 10 +++++-----
 ranger-ozone-plugin-shim/pom.xml       |  9 +++++++++
 4 files changed, 24 insertions(+), 6 deletions(-)

[ranger] 01/02: RANGER-4226: Upgrade Nimbus-JOSE-JWT and bcpkix-jdk15

Posted by pr...@apache.org.

This is an automated email from the ASF dual-hosted git repository.

pradeep pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/ranger.git

commit dd6954457e27c1d9a4c827c6afea8a3e0952448e
Author: Pradeep Agrawal <pr...@apache.org>
AuthorDate: Mon May 8 13:30:15 2023 +0530

    RANGER-4226: Upgrade Nimbus-JOSE-JWT and bcpkix-jdk15
---
 distro/src/main/assembly/admin-web.xml | 2 +-
 plugin-ozone/pom.xml                   | 9 +++++++++
 pom.xml                                | 8 ++++----
 ranger-ozone-plugin-shim/pom.xml       | 9 +++++++++
 4 files changed, 23 insertions(+), 5 deletions(-)

diff --git a/distro/src/main/assembly/admin-web.xml b/distro/src/main/assembly/admin-web.xml
index b29b83347..245d9ca09 100644
--- a/distro/src/main/assembly/admin-web.xml
+++ b/distro/src/main/assembly/admin-web.xml
@@ -189,7 +189,7 @@
           <include>org.apache.ratis:ratis-proto:jar:${ratis.version}</include>
           <include>org.apache.ratis:ratis-thirdparty-misc:jar:${ratis-thirdparty.version}</include>
           <include>org.apache.commons:commons-compress:jar:1.4.1</include>
-          <include>org.bouncycastle:bcpkix-jdk15on</include>
+          <include>org.bouncycastle:bcpkix-jdk15on:jar:${org.bouncycastle.bcpkix-jdk15on}</include>
           <include>commons-net:commons-net:jar:${commons.net.version}</include>
           <include>com.google.guava:guava</include>
           <include>io.jaegertracing:jaeger-core:jar:1.6.0</include>
diff --git a/plugin-ozone/pom.xml b/plugin-ozone/pom.xml
index b832bd9a5..fa20ec382 100644
--- a/plugin-ozone/pom.xml
+++ b/plugin-ozone/pom.xml
@@ -88,6 +88,11 @@ limitations under the License.
             <artifactId>httpcore</artifactId>
             <version>${httpcomponents.httpcore.version}</version>
         </dependency>
+        <dependency>
+            <groupId>org.bouncycastle</groupId>
+            <artifactId>bcpkix-jdk15on</artifactId>
+            <version>${org.bouncycastle.bcpkix-jdk15on}</version>
+        </dependency>
         <dependency>
             <groupId>org.apache.ozone</groupId>
             <artifactId>ozone-common</artifactId>
@@ -104,6 +109,10 @@ limitations under the License.
             <artifactId>hdds-common</artifactId>
 	        <version>${ozone.version}</version>
             <exclusions>
+                <exclusion>
+                    <groupId>org.bouncycastle</groupId>
+                    <artifactId>*</artifactId>
+                </exclusion>
                 <exclusion>
                     <groupId>org.apache.logging.log4j</groupId>
                     <artifactId>*</artifactId>
diff --git a/pom.xml b/pom.xml
index 32d19d42c..cd4d58fa4 100644
--- a/pom.xml
+++ b/pom.xml
@@ -86,7 +86,7 @@
         <atlas.jackson.databind.version>2.11.3</atlas.jackson.databind.version>
         <atlas.jettison.version>1.3.7</atlas.jettison.version>
         <atlas.commons.logging.version>1.1.3</atlas.commons.logging.version>
-        <bouncycastle.version>1.55</bouncycastle.version>
+        <bouncycastle.version>1.70</bouncycastle.version>
         <c3p0.version>0.9.5.5</c3p0.version>
         <cglib.version>2.2.0-b23</cglib.version>
         <checkstyle.plugin.version>3.1.0</checkstyle.plugin.version>
@@ -241,12 +241,12 @@
         <com.microsoft.azure.adal4j.version>1.6.4</com.microsoft.azure.adal4j.version>
         <io.reactivex.rxjava.version>1.3.8</io.reactivex.rxjava.version>
         <net.minidev.asm.version>1.0.2</net.minidev.asm.version>
-        <org.bouncycastle.bcprov-jdk15on>1.68</org.bouncycastle.bcprov-jdk15on>
-        <org.bouncycastle.bcpkix-jdk15on>1.59</org.bouncycastle.bcpkix-jdk15on>
+        <org.bouncycastle.bcprov-jdk15on>1.70</org.bouncycastle.bcprov-jdk15on>
+        <org.bouncycastle.bcpkix-jdk15on>1.70</org.bouncycastle.bcpkix-jdk15on>
         <lucene.version>8.4.0</lucene.version>
         <hppc.version>0.8.0</hppc.version>
         <joda.time.version>2.10.6</joda.time.version>
-        <nimbus-jose-jwt.version>8.22.1</nimbus-jose-jwt.version>
+        <nimbus-jose-jwt.version>9.31</nimbus-jose-jwt.version>
         <aws-java-sdk.version>1.12.125</aws-java-sdk.version>
 
         <!-- GCP HSM -->
diff --git a/ranger-ozone-plugin-shim/pom.xml b/ranger-ozone-plugin-shim/pom.xml
index 303e7de51..de08a7c7d 100644
--- a/ranger-ozone-plugin-shim/pom.xml
+++ b/ranger-ozone-plugin-shim/pom.xml
@@ -77,6 +77,11 @@
             <artifactId>httpcore</artifactId>
             <version>${httpcomponents.httpcore.version}</version>
         </dependency>
+        <dependency>
+            <groupId>org.bouncycastle</groupId>
+            <artifactId>bcpkix-jdk15on</artifactId>
+            <version>${org.bouncycastle.bcpkix-jdk15on}</version>
+        </dependency>
         <dependency>
             <groupId>org.apache.ozone</groupId>
             <artifactId>ozone-common</artifactId>
@@ -93,6 +98,10 @@
             <artifactId>hdds-common</artifactId>
 	    <version>${ozone.version}</version>
             <exclusions>
+                <exclusion>
+                    <groupId>org.bouncycastle</groupId>
+                    <artifactId>*</artifactId>
+                </exclusion>
                 <exclusion>
                     <groupId>org.apache.logging.log4j</groupId>
                     <artifactId>*</artifactId>

[ranger] 02/02: RANGER-4232: Upgrade Spring Security to 5.7.8

Posted by pr...@apache.org.

This is an automated email from the ASF dual-hosted git repository.

pradeep pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/ranger.git

commit 576cb642af672532fd789a9405c1c4ee4d42e43d
Author: Pradeep AgrawaL <pr...@apache.org>
AuthorDate: Mon May 15 10:32:46 2023 +0530

    RANGER-4232: Upgrade Spring Security to 5.7.8
---
 pom.xml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/pom.xml b/pom.xml
index cd4d58fa4..29a38830e 100644
--- a/pom.xml
+++ b/pom.xml
@@ -199,7 +199,7 @@
         <slf4j.version>1.7.32</slf4j.version>
         <solr.version>8.11.2</solr.version>
         <spring-ldap-core.version>2.3.8.RELEASE</spring-ldap-core.version>
-        <springframework.security.version>5.7.5</springframework.security.version>
+        <springframework.security.version>5.7.8</springframework.security.version>
         <springframework.test.version>5.3.27</springframework.test.version>
         <springframework.version>5.3.27</springframework.version>
         <sqoop.version>1.99.7</sqoop.version>