See
<https://builds.apache.org/job/ZooKeeper-trunk-owasp/422/display/redirect?page=changes>
Changes:
[andor] ZOOKEEPER-3410: zkTxnLogToolkit.sh will throw the NPE and stop the
------------------------------------------
[...truncated 20.64 KB...]
build-generated:
[javac] Compiling 66 source files to
<https://builds.apache.org/job/ZooKeeper-trunk-owasp/ws/build/classes>
[javac] warning: [options] bootstrap class path not set in conjunction with
-source 8
[javac] 1 warning
compile:
[javac] Compiling 319 source files to
<https://builds.apache.org/job/ZooKeeper-trunk-owasp/ws/build/classes>
[javac] warning: [options] bootstrap class path not set in conjunction with
-source 8
[javac]
<https://builds.apache.org/job/ZooKeeper-trunk-owasp/ws/zookeeper-server/src/main/java/org/apache/zookeeper/server/NIOServerCnxn.java>:263:
warning: [cast] redundant cast to ByteBuffer
[javac] b = (ByteBuffer) b.slice().limit(
[javac] ^
[javac]
<https://builds.apache.org/job/ZooKeeper-trunk-owasp/ws/zookeeper-server/src/main/java/org/apache/zookeeper/server/persistence/FilePadding.java>:78:
warning: [cast] redundant cast to ByteBuffer
[javac] fileChannel.write((ByteBuffer) fill.position(0),
newFileSize - fill.remaining());
[javac] ^
[javac] 3 warnings
compile-test:
[mkdir] Created dir:
<https://builds.apache.org/job/ZooKeeper-trunk-owasp/ws/build/test/classes>
[javac] Compiling 289 source files to
<https://builds.apache.org/job/ZooKeeper-trunk-owasp/ws/build/test/classes>
[javac] warning: [options] bootstrap class path not set in conjunction with
-source 8
[javac] 1 warning
[javac] Compiling 11 source files to
<https://builds.apache.org/job/ZooKeeper-trunk-owasp/ws/build/test/classes>
[javac] warning: [options] bootstrap class path not set in conjunction with
-source 8
[javac] Note: Some input files use or override a deprecated API.
[javac] Note: Recompile with -Xlint:deprecation for details.
[javac] 1 warning
[javac] Compiling 2 source files to
<https://builds.apache.org/job/ZooKeeper-trunk-owasp/ws/build/test/classes>
[javac] warning: [options] bootstrap class path not set in conjunction with
-source 8
[javac] Note:
<https://builds.apache.org/job/ZooKeeper-trunk-owasp/ws/zookeeper-it/src/test/bench/org/apache/zookeeper/server/watch/WatchBench.java>
uses or overrides a deprecated API.
[javac] Note: Recompile with -Xlint:deprecation for details.
[javac] 1 warning
init:
ivy-download:
ivy-taskdef:
ivy-init:
ivy-retrieve-owasp:
[ivy:retrieve] :: loading settings :: file =
<https://builds.apache.org/job/ZooKeeper-trunk-owasp/ws/ivysettings.xml>
[ivy:retrieve] :: resolving dependencies ::
org.apache.zookeeper#zookeeper;3.6.0-SNAPSHOT
[ivy:retrieve] confs: [owasp]
[ivy:retrieve] found org.owasp#dependency-check-ant;4.0.2 in maven2
[ivy:retrieve] found org.owasp#dependency-check-core;4.0.2 in maven2
[ivy:retrieve] found com.vdurmont#semver4j;2.2.0 in maven2
[ivy:retrieve] found joda-time#joda-time;1.6 in maven2
[ivy:retrieve] found org.slf4j#slf4j-api;1.7.25 in maven2
[ivy:retrieve] found org.owasp#dependency-check-utils;4.0.2 in maven2
[ivy:retrieve] found commons-io#commons-io;2.6 in maven2
[ivy:retrieve] found org.apache.commons#commons-lang3;3.4 in maven2
[ivy:retrieve] found com.google.code.gson#gson;2.8.5 in maven2
[ivy:retrieve] found commons-collections#commons-collections;3.2.2 in maven2
[ivy:retrieve] found org.apache.commons#commons-compress;1.18 in maven2
[ivy:retrieve] found org.apache.commons#commons-text;1.3 in maven2
[ivy:retrieve] found org.apache.lucene#lucene-core;7.6.0 in maven2
[ivy:retrieve] found org.apache.lucene#lucene-analyzers-common;7.6.0 in maven2
[ivy:retrieve] found org.apache.lucene#lucene-queryparser;7.6.0 in maven2
[ivy:retrieve] found org.apache.lucene#lucene-queries;7.6.0 in maven2
[ivy:retrieve] found org.apache.lucene#lucene-sandbox;7.6.0 in maven2
[ivy:retrieve] found org.apache.velocity#velocity;1.7 in maven2
[ivy:retrieve] found commons-lang#commons-lang;2.4 in maven2
[ivy:retrieve] found org.glassfish#javax.json;1.0.4 in maven2
[ivy:retrieve] found org.jsoup#jsoup;1.11.3 in maven2
[ivy:retrieve] found com.sun.mail#mailapi;1.6.3 in maven2
[ivy:retrieve] found com.google.guava#guava;27.0.1-jre in maven2
[ivy:retrieve] found com.google.guava#failureaccess;1.0.1 in maven2
[ivy:retrieve] found
com.google.guava#listenablefuture;9999.0-empty-to-avoid-conflict-with-guava in
maven2
[ivy:retrieve] found com.google.code.findbugs#jsr305;3.0.2 in maven2
[ivy:retrieve] found org.checkerframework#checker-qual;2.5.2 in maven2
[ivy:retrieve] found com.google.errorprone#error_prone_annotations;2.2.0 in
maven2
[ivy:retrieve] found com.google.j2objc#j2objc-annotations;1.1 in maven2
[ivy:retrieve] found org.codehaus.mojo#animal-sniffer-annotations;1.17 in
maven2
[ivy:retrieve] found com.h3xstream.retirejs#retirejs-core;3.0.1 in maven2
[ivy:retrieve] found org.json#json;20140107 in maven2
[ivy:retrieve] found com.esotericsoftware#minlog;1.3 in maven2
[ivy:retrieve] found com.github.spullara.mustache.java#compiler;0.8.17 in
maven2
[ivy:retrieve] found com.h2database#h2;1.4.196 in maven2
[ivy:retrieve] :: resolution report :: resolve 1005ms :: artifacts dl 26ms
---------------------------------------------------------------------
| | modules || artifacts |
| conf | number| search|dwnlded|evicted|| number|dwnlded|
---------------------------------------------------------------------
| owasp | 35 | 0 | 0 | 0 || 35 | 0 |
---------------------------------------------------------------------
[ivy:retrieve] :: retrieving :: org.apache.zookeeper#zookeeper
[ivy:retrieve] confs: [owasp]
[ivy:retrieve] 35 artifacts copied, 0 already retrieved (15405kB/637ms)
owasp-taskdef:
ivy-retrieve:
[ivy:retrieve] :: resolving dependencies ::
org.apache.zookeeper#zookeeper;3.6.0-SNAPSHOT
[ivy:retrieve] confs: [default]
[ivy:retrieve] found jline#jline;2.11 in maven2
[ivy:retrieve] found org.eclipse.jetty#jetty-server;9.4.15.v20190215 in maven2
[ivy:retrieve] found javax.servlet#javax.servlet-api;3.1.0 in maven2
[ivy:retrieve] found org.eclipse.jetty#jetty-http;9.4.15.v20190215 in maven2
[ivy:retrieve] found org.eclipse.jetty#jetty-util;9.4.15.v20190215 in maven2
[ivy:retrieve] found org.eclipse.jetty#jetty-io;9.4.15.v20190215 in maven2
[ivy:retrieve] found org.eclipse.jetty#jetty-servlet;9.4.15.v20190215 in maven2
[ivy:retrieve] found org.eclipse.jetty#jetty-security;9.4.15.v20190215 in
maven2
[ivy:retrieve] found com.fasterxml.jackson.core#jackson-databind;2.9.9 in
maven2
[ivy:retrieve] found com.fasterxml.jackson.core#jackson-annotations;2.9.0 in
maven2
[ivy:retrieve] found com.fasterxml.jackson.core#jackson-core;2.9.9 in maven2
[ivy:retrieve] found org.slf4j#slf4j-api;1.7.25 in maven2
[ivy:retrieve] found org.slf4j#slf4j-log4j12;1.7.25 in maven2
[ivy:retrieve] found commons-cli#commons-cli;1.2 in maven2
[ivy:retrieve] found com.github.spotbugs#spotbugs-annotations;3.1.9 in maven2
[ivy:retrieve] found com.google.code.findbugs#jsr305;3.0.2 in maven2
[ivy:retrieve] found log4j#log4j;1.2.17 in maven2
[ivy:retrieve] found org.apache.yetus#audience-annotations;0.5.0 in maven2
[ivy:retrieve] found io.netty#netty-all;4.1.36.Final in maven2
[ivy:retrieve] found com.googlecode.json-simple#json-simple;1.1.1 in maven2
[ivy:retrieve] found commons-lang#commons-lang;2.6 in maven2
[ivy:retrieve] found org.xerial.snappy#snappy-java;1.1.7 in maven2
[ivy:retrieve] found io.dropwizard.metrics#metrics-core;3.2.5 in maven2
[ivy:retrieve] :: resolution report :: resolve 208ms :: artifacts dl 16ms
---------------------------------------------------------------------
| | modules || artifacts |
| conf | number| search|dwnlded|evicted|| number|dwnlded|
---------------------------------------------------------------------
| default | 23 | 0 | 0 | 0 || 23 | 0 |
---------------------------------------------------------------------
[ivy:retrieve] :: retrieving :: org.apache.zookeeper#zookeeper
[ivy:retrieve] confs: [default]
[ivy:retrieve] 0 artifacts copied, 23 already retrieved (0kB/7ms)
owasp:
[owasp:dependency-check-update] Checking for updates
[owasp:dependency-check-update] starting getUpdatesNeeded() ...
[owasp:dependency-check-update] NVD CVE requires several updates; this could
take a couple of minutes.
[owasp:dependency-check-update] Download Started for NVD CVE - 2002
[owasp:dependency-check-update] Download Started for NVD CVE - 2003
[owasp:dependency-check-update] Download Started for NVD CVE - 2004
[owasp:dependency-check-update] Download Started for NVD CVE - 2005
[owasp:dependency-check-update] Download Started for NVD CVE - 2006
[owasp:dependency-check-update] Download Started for NVD CVE - 2007
[owasp:dependency-check-update] Download Started for NVD CVE - 2008
[owasp:dependency-check-update] Download Started for NVD CVE - 2009
[owasp:dependency-check-update] Download Started for NVD CVE - 2010
[owasp:dependency-check-update] Download Started for NVD CVE - 2011
[owasp:dependency-check-update] Download Started for NVD CVE - 2012
[owasp:dependency-check-update] Download Started for NVD CVE - 2013
[owasp:dependency-check-update] Download Started for NVD CVE - 2014
[owasp:dependency-check-update] Download Started for NVD CVE - 2015
[owasp:dependency-check-update] Download Started for NVD CVE - 2016
[owasp:dependency-check-update] Download Started for NVD CVE - 2017
[owasp:dependency-check-update] Download Started for NVD CVE - 2018
[owasp:dependency-check-update] Download Started for NVD CVE - 2019
[owasp:dependency-check-update] Download Started for NVD CVE - Modified
[owasp:dependency-check-update] Download Complete for NVD CVE - 2003 (1543 ms)
[owasp:dependency-check-update] Processing Started for NVD CVE - 2003
[owasp:dependency-check-update] Download Complete for NVD CVE - Modified (1680
ms)
[owasp:dependency-check-update] Processing Started for NVD CVE - Modified
[owasp:dependency-check-update] Download Complete for NVD CVE - 2004 (1995 ms)
[owasp:dependency-check-update] Processing Started for NVD CVE - 2004
[owasp:dependency-check-update] Download Complete for NVD CVE - 2005 (2181 ms)
[owasp:dependency-check-update] Download Complete for NVD CVE - 2009 (2228 ms)
[owasp:dependency-check-update] Download Complete for NVD CVE - 2010 (2257 ms)
[owasp:dependency-check-update] Processing Started for NVD CVE - 2010
[owasp:dependency-check-update] Download Complete for NVD CVE - 2002 (2276 ms)
[owasp:dependency-check-update] Processing Started for NVD CVE - 2009
[owasp:dependency-check-update] Processing Started for NVD CVE - 2005
[owasp:dependency-check-update] Processing Started for NVD CVE - 2002
[owasp:dependency-check-update] Download Complete for NVD CVE - 2015 (2679 ms)
[owasp:dependency-check-update] Download Complete for NVD CVE - 2012 (2718 ms)
[owasp:dependency-check-update] Download Complete for NVD CVE - 2006 (2724 ms)
[owasp:dependency-check-update] Download Complete for NVD CVE - 2008 (2808 ms)
[owasp:dependency-check-update] Download Complete for NVD CVE - 2013 (2814 ms)
[owasp:dependency-check-update] Download Complete for NVD CVE - 2019 (3086 ms)
[owasp:dependency-check-update] Download Complete for NVD CVE - 2007 (3090 ms)
[owasp:dependency-check-update] Download Complete for NVD CVE - 2014 (3220 ms)
[owasp:dependency-check-update] Download Complete for NVD CVE - 2016 (3946 ms)
[owasp:dependency-check-update] Processing Started for NVD CVE - 2019
[owasp:dependency-check-update] Processing Started for NVD CVE - 2007
[owasp:dependency-check-update] Processing Started for NVD CVE - 2014
[owasp:dependency-check-update] Processing Started for NVD CVE - 2016
[owasp:dependency-check-update] Download Complete for NVD CVE - 2011 (4650 ms)
[owasp:dependency-check-update] Processing Started for NVD CVE - 2013
[owasp:dependency-check-update] Processing Started for NVD CVE - 2015
[owasp:dependency-check-update] Processing Started for NVD CVE - 2012
[owasp:dependency-check-update] Processing Started for NVD CVE - 2008
[owasp:dependency-check-update] Processing Started for NVD CVE - 2006
[owasp:dependency-check-update] Download Complete for NVD CVE - 2017 (5349 ms)
[owasp:dependency-check-update] Download Complete for NVD CVE - 2018 (6532 ms)
[owasp:dependency-check-update] Processing Started for NVD CVE - 2011
[owasp:dependency-check-update] Processing Started for NVD CVE - 2018
[owasp:dependency-check-update] Processing Started for NVD CVE - 2017
[owasp:dependency-check-update] Processing Complete for NVD CVE - Modified
(149962 ms)
[owasp:dependency-check-update] Processing Complete for NVD CVE - 2003 (281497
ms)
[owasp:dependency-check-update] Processing Complete for NVD CVE - 2004 (334010
ms)
[owasp:dependency-check-update] Processing Complete for NVD CVE - 2019 (543601
ms)
[owasp:dependency-check-update] Processing Complete for NVD CVE - 2011 (543878
ms)
[owasp:dependency-check-update] Processing Complete for NVD CVE - 2005 (548767
ms)
[owasp:dependency-check-update] Processing Complete for NVD CVE - 2010 (613133
ms)
[owasp:dependency-check-update] Processing Complete for NVD CVE - 2009 (616296
ms)
[owasp:dependency-check-update] Processing Complete for NVD CVE - 2013 (619762
ms)
[owasp:dependency-check-update] Processing Complete for NVD CVE - 2012 (620327
ms)
[owasp:dependency-check-update] Processing Complete for NVD CVE - 2002 (625188
ms)
[owasp:dependency-check-update] Processing Complete for NVD CVE - 2015 (670673
ms)
[owasp:dependency-check-update] Processing Complete for NVD CVE - 2008 (712261
ms)
[owasp:dependency-check-update] Processing Complete for NVD CVE - 2007 (715249
ms)
[owasp:dependency-check-update] Processing Complete for NVD CVE - 2016 (716866
ms)
[owasp:dependency-check-update] Processing Complete for NVD CVE - 2014 (768910
ms)
[owasp:dependency-check-update] Processing Complete for NVD CVE - 2006 (772802
ms)
[owasp:dependency-check-update] Processing Complete for NVD CVE - 2017 (786723
ms)
[owasp:dependency-check-update] Processing Complete for NVD CVE - 2018 (897599
ms)
[owasp:dependency-check-update] Begin database maintenance.
[owasp:dependency-check-update] End database maintenance.
[owasp:dependency-check-update] A new version of dependency-check is available.
Consider updating to version 5.0.0.m1.
[owasp:dependency-check-update] Check for updates complete (910124 ms)
[owasp:dependency-check-update] Checking for updates
[owasp:dependency-check-update] Skipping NVD check since last check was within
4 hours.
[owasp:dependency-check-update] A new version of dependency-check is available.
Consider updating to version 5.0.0.m1.
[owasp:dependency-check-update] Skipping RetireJS update since last update was
within 24 hours.
[owasp:dependency-check-update] Check for updates complete (9 ms)
[owasp:dependency-check-update] Analysis Started
[owasp:dependency-check-update] Finished Archive Analyzer (0 seconds)
[owasp:dependency-check-update] Finished File Name Analyzer (0 seconds)
[owasp:dependency-check-update] Finished Jar Analyzer (0 seconds)
[owasp:dependency-check-update] Finished Central Analyzer (0 seconds)
[owasp:dependency-check-update] Finished Assembly Analyzer (0 seconds)
[owasp:dependency-check-update] Finished Dependency Merging Analyzer (0 seconds)
[owasp:dependency-check-update] Finished Version Filter Analyzer (0 seconds)
[owasp:dependency-check-update] Finished Hint Analyzer (0 seconds)
[owasp:dependency-check-update] Created CPE Index (1 seconds)
[owasp:dependency-check-update] Skipping CPE Analysis for npm
[owasp:dependency-check-update] Finished CPE Analyzer (2 seconds)
[owasp:dependency-check-update] Finished False Positive Analyzer (0 seconds)
[owasp:dependency-check-update] Finished NVD CVE Analyzer (0 seconds)
[owasp:dependency-check-update] Finished Vulnerability Suppression Analyzer (0
seconds)
[owasp:dependency-check-update] Finished Dependency Bundling Analyzer (0
seconds)
[owasp:dependency-check-update] Analysis Complete (5 seconds)
BUILD FAILED
<https://builds.apache.org/job/ZooKeeper-trunk-owasp/ws/build.xml>:1727:
Dependency-Check Failure:
One or more dependencies were identified with vulnerabilities that have a CVSS
score greater than or equal to '0.0': CVE-2019-12814
See the dependency-check report for more details.
Total time: 15 minutes 38 seconds
Build step 'Invoke Ant' marked build as failure
Archiving artifacts
[Fast Archiver] Compressed 656.57 KB of artifacts by 19.5% relative to #403
