HADOOP-18676. Fixing jettison vulnerability of hadoop-common lib (#5507)
* HADOOP-18587. Fixing jettison vulnerability of hadoop-common lib * no need for excluding, let it come Change-Id: Ia6e4ad351158dd4b0510dec34bbde531a60e7654
This commit is contained in:
parent
69748aae32
commit
72b0122706
|
@ -175,6 +175,14 @@
|
||||||
</exclusion>
|
</exclusion>
|
||||||
</exclusions>
|
</exclusions>
|
||||||
</dependency>
|
</dependency>
|
||||||
|
<dependency>
|
||||||
|
<!--
|
||||||
|
adding jettison as direct dependency (as jersey-json's jettison dependency is vulnerable with verison 1.1),
|
||||||
|
so those who depends on hadoop-common externally will get the non-vulnerable jettison
|
||||||
|
-->
|
||||||
|
<groupId>org.codehaus.jettison</groupId>
|
||||||
|
<artifactId>jettison</artifactId>
|
||||||
|
</dependency>
|
||||||
<dependency>
|
<dependency>
|
||||||
<groupId>com.sun.jersey</groupId>
|
<groupId>com.sun.jersey</groupId>
|
||||||
<artifactId>jersey-server</artifactId>
|
<artifactId>jersey-server</artifactId>
|
||||||
|
|
Loading…
Reference in New Issue