From f856611121b6f51d3fc1b1857ebd1dae235427fc Mon Sep 17 00:00:00 2001
From: PJ Fanning <pjfanning@users.noreply.github.com>
Date: Sat, 7 Jan 2023 00:35:50 +0100
Subject: [PATCH] HADOOP-18587: upgrade to jettison 1.5.3 due to cve (#5270)

Signed-off-by: Chris Nauroth <cnauroth@apache.org>
(cherry picked from commit b9eb760ed238a2ae57a0dbb8b7e95f54589325f2)
---
 LICENSE-binary         | 2 +-
 hadoop-project/pom.xml | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/LICENSE-binary b/LICENSE-binary
index f88b2b96f0b..7fcf8f3d983 100644
--- a/LICENSE-binary
+++ b/LICENSE-binary
@@ -345,7 +345,7 @@ org.apache.kerby:kerby-util:1.0.1
 org.apache.kerby:kerby-xdr:1.0.1
 org.apache.kerby:token-provider:1.0.1
 org.apache.yetus:audience-annotations:0.5.0
-org.codehaus.jettison:jettison:1.5.1
+org.codehaus.jettison:jettison:1.5.3
 org.eclipse.jetty:jetty-annotations:9.4.48.v20220622
 org.eclipse.jetty:jetty-http:9.4.48.v20220622
 org.eclipse.jetty:jetty-io:9.4.48.v20220622
diff --git a/hadoop-project/pom.xml b/hadoop-project/pom.xml
index 2cdcfcf5598..e08f1bd8564 100644
--- a/hadoop-project/pom.xml
+++ b/hadoop-project/pom.xml
@@ -1505,7 +1505,7 @@
       <dependency>
         <groupId>org.codehaus.jettison</groupId>
         <artifactId>jettison</artifactId>
-        <version>1.5.1</version>
+        <version>1.5.3</version>
         <exclusions>
           <exclusion>
             <groupId>stax</groupId>