HADOOP-17633. Bump json-smart to 2.4.2 and nimbus-jose-jwt to 9.8 due to CVEs (#2895). Contributed by Viraj Jasani.

Signed-off-by: Ayush Saxena <ayushsaxena@apache.org>
This commit is contained in:
Viraj Jasani 2021-04-16 12:36:01 +05:30 committed by Ayush Saxena
parent 8daa26d2e5
commit 49f6326a9f
2 changed files with 6 additions and 4 deletions

View File

@ -240,7 +240,7 @@ com.google.guava:guava:20.0
com.google.guava:guava:27.0-jre com.google.guava:guava:27.0-jre
com.google.guava:listenablefuture:9999.0-empty-to-avoid-conflict-with-guava com.google.guava:listenablefuture:9999.0-empty-to-avoid-conflict-with-guava
com.microsoft.azure:azure-storage:7.0.0 com.microsoft.azure:azure-storage:7.0.0
com.nimbusds:nimbus-jose-jwt:4.41.1 com.nimbusds:nimbus-jose-jwt:9.8.1
com.squareup.okhttp:okhttp:2.7.5 com.squareup.okhttp:okhttp:2.7.5
com.squareup.okio:okio:1.6.0 com.squareup.okio:okio:1.6.0
com.zaxxer:HikariCP-java7:2.4.12 com.zaxxer:HikariCP-java7:2.4.12
@ -283,7 +283,7 @@ javax.inject:javax.inject:1
log4j:log4j:1.2.17 log4j:log4j:1.2.17
net.java.dev.jna:jna:5.2.0 net.java.dev.jna:jna:5.2.0
net.minidev:accessors-smart:1.2 net.minidev:accessors-smart:1.2
net.minidev:json-smart:2.3 net.minidev:json-smart:2.4.2
org.apache.avro:avro:1.7.7 org.apache.avro:avro:1.7.7
org.apache.commons:commons-collections4:4.2 org.apache.commons:commons-collections4:4.2
org.apache.commons:commons-compress:1.19 org.apache.commons:commons-compress:1.19

View File

@ -211,6 +211,8 @@
<solr.version>7.7.0</solr.version> <solr.version>7.7.0</solr.version>
<openssl-wildfly.version>1.0.7.Final</openssl-wildfly.version> <openssl-wildfly.version>1.0.7.Final</openssl-wildfly.version>
<woodstox.version>5.3.0</woodstox.version> <woodstox.version>5.3.0</woodstox.version>
<json-smart.version>2.4.2</json-smart.version>
<nimbus-jose-jwt.version>9.8.1</nimbus-jose-jwt.version>
</properties> </properties>
<dependencyManagement> <dependencyManagement>
@ -1555,7 +1557,7 @@
<dependency> <dependency>
<groupId>com.nimbusds</groupId> <groupId>com.nimbusds</groupId>
<artifactId>nimbus-jose-jwt</artifactId> <artifactId>nimbus-jose-jwt</artifactId>
<version>7.9</version> <version>${nimbus-jose-jwt.version}</version>
<scope>compile</scope> <scope>compile</scope>
<exclusions> <exclusions>
<exclusion> <exclusion>
@ -1578,7 +1580,7 @@
--> -->
<groupId>net.minidev</groupId> <groupId>net.minidev</groupId>
<artifactId>json-smart</artifactId> <artifactId>json-smart</artifactId>
<version>2.3</version> <version>${json-smart.version}</version>
</dependency> </dependency>
<dependency> <dependency>
<groupId>org.skyscreamer</groupId> <groupId>org.skyscreamer</groupId>