mirror of
https://github.com/apache/nifi.git
synced 2025-02-28 14:39:10 +00:00
NIFI-11355 Upgraded Couchbase Client from 2.5.8 to 2.7.23
- Suppressed vulnerability findings related to Couchbase Server Signed-off-by: Pierre Villard <pierre.villard.fr@gmail.com> This closes #7094.
This commit is contained in:
exceptionfactory
Pierre Villard
parent
2dbb8f25f3
commit
5214097c59
@ -219,4 +219,14 @@
|
||||
<packageUrl regex="true">^pkg:maven/com\.google\.api\.grpc/grpc\-google\-cloud\-pubsublite\-v1@.*$</packageUrl>
|
||||
<cpe>cpe:/a:grpc:grpc</cpe>
|
||||
</suppress>
|
||||
<suppress>
|
||||
<notes>CVE-2020-9040 applies to Couchbase Server not the client library</notes>
|
||||
<packageUrl regex="true">^pkg:maven/com\.couchbase\.client/core\-io@.*$</packageUrl>
|
||||
<vulnerabilityName>CVE-2020-9040</vulnerabilityName>
|
||||
</suppress>
|
||||
<suppress>
|
||||
<notes>CVE-2022-41881 applies to HA Proxy components in Netty which are not used in Couchbase or other components</notes>
|
||||
<packageUrl regex="true">^pkg:maven/io\.netty/.*$</packageUrl>
|
||||
<cve>CVE-2022-41881</cve>
|
||||
</suppress>
|
||||
</suppressions>
|
||||
|
||||
@ -33,7 +33,6 @@
|
||||
<dependency>
|
||||
<groupId>com.couchbase.client</groupId>
|
||||
<artifactId>java-client</artifactId>
|
||||
<version>2.5.8</version>
|
||||
</dependency>
|
||||
</dependencies>
|
||||
</project>
|
||||
|
||||
@ -31,4 +31,18 @@
|
||||
<module>nifi-couchbase-processors</module>
|
||||
<module>nifi-couchbase-nar</module>
|
||||
</modules>
|
||||
<dependencyManagement>
|
||||
<dependencies>
|
||||
<dependency>
|
||||
<groupId>com.couchbase.client</groupId>
|
||||
<artifactId>java-client</artifactId>
|
||||
<version>2.7.23</version>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>com.couchbase.client</groupId>
|
||||
<artifactId>core-io</artifactId>
|
||||
<version>1.7.24</version>
|
||||
</dependency>
|
||||
</dependencies>
|
||||
</dependencyManagement>
|
||||
</project>
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user