HADOOP-18561. Update commons-net to 3.9.0 (#5214)
Addresses CVE-2021-37533, which *only* relates to FTP. Applications not using the ftp:// filesystem, which, as anyone who has used it will know is very minimal and so rarely used, is not a critical part of the project. Furthermore, the FTP-related issue is at worst information leakage if someone connects to a malicious server. This is a due diligence PR rather than an emergency fix. Contributed by Steve Loughran
This commit is contained in:
parent
29b6df563b
commit
223046cb64
|
@ -254,7 +254,7 @@ commons-collections:commons-collections:3.2.2
|
|||
commons-daemon:commons-daemon:1.0.13
|
||||
commons-io:commons-io:2.8.0
|
||||
commons-logging:commons-logging:1.1.3
|
||||
commons-net:commons-net:3.6
|
||||
commons-net:commons-net:3.9.0
|
||||
de.ruedigermoeller:fst:2.50
|
||||
io.dropwizard.metrics:metrics-core:3.2.4
|
||||
io.grpc:grpc-api:1.26.0
|
||||
|
|
|
@ -126,7 +126,7 @@
|
|||
<commons-logging.version>1.1.3</commons-logging.version>
|
||||
<commons-logging-api.version>1.1</commons-logging-api.version>
|
||||
<commons-math3.version>3.1.1</commons-math3.version>
|
||||
<commons-net.version>3.6</commons-net.version>
|
||||
<commons-net.version>3.9.0</commons-net.version>
|
||||
<commons-text.version>1.10.0</commons-text.version>
|
||||
|
||||
<kerby.version>1.0.1</kerby.version>
|
||||
|
|
Loading…
Reference in New Issue