HADOOP-18484. Upgrade hsqldb to v2.7.1 to mitigate CVE-2022-41853 (#4991)

2022-11-02 07:41:27 +00:00 · 2022-11-02 07:41:27 +00:00 · e62ba16a02
parent 83acb55981
commit e62ba16a02
6 changed files with 7 additions and 2 deletions
--- a/2
+++ b/2
@ -523,7 +523,7 @@ junit:junit:4.13.2
 HSQL License
 ------------

-org.hsqldb:hsqldb:2.5.2
+org.hsqldb:hsqldb:2.7.1


 JDOM License
--- a/hadoop-mapreduce-project/hadoop-mapreduce-client/hadoop-mapreduce-client-jobclient/pom.xml
+++ b/hadoop-mapreduce-project/hadoop-mapreduce-client/hadoop-mapreduce-client-jobclient/pom.xml
@ -110,6 +110,7 @@
      <groupId>org.hsqldb</groupId>
      <artifactId>hsqldb</artifactId>
      <scope>test</scope>
+      <classifier>jdk8</classifier>
    </dependency>
    <!-- 'mvn dependency:analyze' fails to detect use of this dependency -->
    <dependency>
--- a/hadoop-mapreduce-project/hadoop-mapreduce-examples/pom.xml
+++ b/hadoop-mapreduce-project/hadoop-mapreduce-examples/pom.xml
@ -112,6 +112,7 @@
       <groupId>org.hsqldb</groupId>
       <artifactId>hsqldb</artifactId>
       <scope>provided</scope>
+       <classifier>jdk8</classifier>
     </dependency>
     <dependency>
      <groupId>org.apache.hadoop.thirdparty</groupId>
--- a/hadoop-mapreduce-project/pom.xml
+++ b/hadoop-mapreduce-project/pom.xml
@ -146,6 +146,7 @@
      <groupId>org.hsqldb</groupId>
      <artifactId>hsqldb</artifactId>
      <scope>compile</scope>
+      <classifier>jdk8</classifier>
    </dependency>
    <dependency>
      <groupId>${leveldbjni.group}</groupId>
--- a/hadoop-project/pom.xml
+++ b/hadoop-project/pom.xml
@ -185,7 +185,7 @@
    <make-maven-plugin.version>1.0-beta-1</make-maven-plugin.version>
    <surefire.fork.timeout>900</surefire.fork.timeout>
    <aws-java-sdk.version>1.12.316</aws-java-sdk.version>
-    <hsqldb.version>2.5.2</hsqldb.version>
+    <hsqldb.version>2.7.1</hsqldb.version>
    <frontend-maven-plugin.version>1.11.2</frontend-maven-plugin.version>
    <jasmine-maven-plugin.version>2.1</jasmine-maven-plugin.version>
    <phantomjs-maven-plugin.version>0.7</phantomjs-maven-plugin.version>
@ -1470,6 +1470,7 @@
        <groupId>org.hsqldb</groupId>
        <artifactId>hsqldb</artifactId>
        <version>${hsqldb.version}</version>
+        <classifier>jdk8</classifier>
      </dependency>
      <dependency>
        <groupId>io.dropwizard.metrics</groupId>
--- a/hadoop-yarn-project/hadoop-yarn/hadoop-yarn-server/hadoop-yarn-server-common/pom.xml
+++ b/hadoop-yarn-project/hadoop-yarn/hadoop-yarn-server/hadoop-yarn-server-common/pom.xml
@ -144,6 +144,7 @@
      <groupId>org.hsqldb</groupId>
      <artifactId>hsqldb</artifactId>
      <scope>test</scope>
+      <classifier>jdk8</classifier>
    </dependency>
    <dependency>
      <groupId>com.microsoft.sqlserver</groupId>