Apache
/
druid
mirror of https://github.com/apache/druid.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
druid/extensions-core
History
Chi Cao Minh af74acaa85 Address security vulnerabilities CVSS >= 7 (#8980) 
* Address security vulnerabilities CVSS >= 7

Update dependencies to address security vulnerabilities with CVSS scores
of 7 or higher. A new Travis CI job is added to prevent new
high/critical security vulnerabilities from being added.

Updated dependencies:
- api-util 1.0.0 -> 1.0.3
- jackson 2.9.10 -> 2.10.1
- kafka 2.1.0 -> 2.1.1
- libthrift 0.10.0 -> 0.13.0
- protobuf 3.2.0 -> 3.11.0

The following high/critical security vulnerabilities are currently
suppressed (so that the new Travis CI job can be added now) and are left
as future work to fix:
- hibernate-validator:5.2.5
- jackson-mapper-asl:1.9.13
- libthrift:0.6.1
- netty:3.10.6
- nimbus-jose-jwt:4.41.1

* Rename EDL1 license file

* Fix inspection errors
 		2019-12-05 14:34:35 -08:00
..
avro-extensions Revert "[maven-release-plugin] prepare release druid-0.16.1-incubating-rc1" 2019-11-27 23:22:43 -08:00
datasketches Revert "[maven-release-plugin] prepare release druid-0.16.1-incubating-rc1" 2019-11-27 23:22:43 -08:00
druid-basic-security Address security vulnerabilities CVSS >= 7 (#8980) 2019-12-05 14:34:35 -08:00
druid-bloom-filter Revert "[maven-release-plugin] prepare release druid-0.16.1-incubating-rc1" 2019-11-27 23:22:43 -08:00
druid-kerberos Exclude unneeded hadoop transitive dependencies (#8962) 2019-12-02 16:08:21 -08:00
ec2-extensions Revert "[maven-release-plugin] prepare release druid-0.16.1-incubating-rc1" 2019-11-27 23:22:43 -08:00
google-extensions add 'prefixes' support to google input source (#8930) 2019-12-04 21:01:10 -08:00
hdfs-storage Exclude unneeded hadoop transitive dependencies (#8962) 2019-12-02 16:08:21 -08:00
histogram Revert "[maven-release-plugin] prepare release druid-0.16.1-incubating-rc1" 2019-11-27 23:22:43 -08:00
kafka-extraction-namespace Address security vulnerabilities CVSS >= 7 (#8980) 2019-12-05 14:34:35 -08:00
kafka-indexing-service Additional Kinesis resharding fixes (#8870) 2019-11-28 12:59:01 -08:00
kinesis-indexing-service Additional Kinesis resharding fixes (#8870) 2019-11-28 12:59:01 -08:00
lookups-cached-global Address security vulnerabilities CVSS >= 7 (#8980) 2019-12-05 14:34:35 -08:00
lookups-cached-single Revert "[maven-release-plugin] prepare release druid-0.16.1-incubating-rc1" 2019-11-27 23:22:43 -08:00
mysql-metadata-storage Revert "[maven-release-plugin] prepare release druid-0.16.1-incubating-rc1" 2019-11-27 23:22:43 -08:00
orc-extensions unexclude necessary jackson mapper-asl jars (#8977) 2019-12-02 17:01:11 -08:00
parquet-extensions add hdfs client dependency for native batch parquet when using hdfs (#8964) 2019-11-28 13:12:45 -08:00
postgresql-metadata-storage Revert "[maven-release-plugin] prepare release druid-0.16.1-incubating-rc1" 2019-11-27 23:22:43 -08:00
protobuf-extensions Address security vulnerabilities CVSS >= 7 (#8980) 2019-12-05 14:34:35 -08:00
s3-extensions add 'prefixes' support to google input source (#8930) 2019-12-04 21:01:10 -08:00
simple-client-sslcontext Revert "[maven-release-plugin] prepare release druid-0.16.1-incubating-rc1" 2019-11-27 23:22:43 -08:00
stats Revert "[maven-release-plugin] prepare release druid-0.16.1-incubating-rc1" 2019-11-27 23:22:43 -08:00