Apache
/
hadoop
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

HADOOP-17633. Bump json-smart to 2.4.2 and nimbus-jose-jwt to 9.8 due to CVEs (#2895). Contributed by Viraj Jasani. 

Signed-off-by: Ayush Saxena <ayushsaxena@apache.org>
This commit is contained in:
Viraj Jasani 2021-04-16 12:36:01 +05:30 committed by Ayush Saxena
parent 8daa26d2e5
commit 49f6326a9f
2 changed files with 6 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
LICENSE-binary
View File

@ -240,7 +240,7 @@ com.google.guava:guava:20.0
com.google.guava:guava:27.0-jre
com.google.guava:listenablefuture:9999.0-empty-to-avoid-conflict-with-guava
com.microsoft.azure:azure-storage:7.0.0
com.nimbusds:nimbus-jose-jwt:4.41.1
com.nimbusds:nimbus-jose-jwt:9.8.1
com.squareup.okhttp:okhttp:2.7.5
com.squareup.okio:okio:1.6.0
com.zaxxer:HikariCP-java7:2.4.12
@ -283,7 +283,7 @@ javax.inject:javax.inject:1
log4j:log4j:1.2.17
net.java.dev.jna:jna:5.2.0
net.minidev:accessors-smart:1.2
net.minidev:json-smart:2.3
net.minidev:json-smart:2.4.2
org.apache.avro:avro:1.7.7
org.apache.commons:commons-collections4:4.2
org.apache.commons:commons-compress:1.19

6
hadoop-project/pom.xml
View File

@ -211,6 +211,8 @@
<solr.version>7.7.0</solr.version>
<openssl-wildfly.version>1.0.7.Final</openssl-wildfly.version>
<woodstox.version>5.3.0</woodstox.version>
<json-smart.version>2.4.2</json-smart.version>
<nimbus-jose-jwt.version>9.8.1</nimbus-jose-jwt.version>
</properties>
<dependencyManagement>
@ -1555,7 +1557,7 @@
<dependency>
<groupId>com.nimbusds</groupId>
<artifactId>nimbus-jose-jwt</artifactId>
<version>7.9</version>
<version>${nimbus-jose-jwt.version}</version>
<scope>compile</scope>
<exclusions>
<exclusion>
@ -1578,7 +1580,7 @@
-->
<groupId>net.minidev</groupId>
<artifactId>json-smart</artifactId>
<version>2.3</version>
<version>${json-smart.version}</version>
</dependency>
<dependency>
<groupId>org.skyscreamer</groupId>