This is an automated email from the ASF dual-hosted git repository.
abhishekrb pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/druid.git
The following commit(s) were added to refs/heads/master by this push:
new 27d682d67fd Upgrade gson version to resolve CVE-2025-53864 (#18527)
27d682d67fd is described below
commit 27d682d67fd146947bee094b8f50f8833351cc3e
Author: Ashwin Tumma <[email protected]>
AuthorDate: Tue Sep 16 09:30:03 2025 -0700
Upgrade gson version to resolve CVE-2025-53864 (#18527)
Upgrade gson version to resolve CVE-2025-53864
---
licenses.yaml | 2 +-
pom.xml | 2 +-
2 files changed, 2 insertions(+), 2 deletions(-)
diff --git a/licenses.yaml b/licenses.yaml
index 16290f16f13..ae434fc7d74 100644
--- a/licenses.yaml
+++ b/licenses.yaml
@@ -2554,7 +2554,7 @@ name: Gson
license_category: binary
module: hadoop-client
license_name: Apache License version 2.0
-version: 2.10.1
+version: 2.12.0
libraries:
- com.google.code.gson: gson
diff --git a/pom.xml b/pom.xml
index 3e9a299de31..0c717af4fb5 100644
--- a/pom.xml
+++ b/pom.xml
@@ -79,7 +79,7 @@
<!-- when updating apache ranger, verify the usage of aws-bundle-sdk
vs aws-logs-sdk
and update as needed in extensions-core/druid-ranger-security/pm.xml
-->
<apache.ranger.version>2.4.0</apache.ranger.version>
- <gson.version>2.10.1</gson.version>
+ <gson.version>2.12.0</gson.version>
<scala.library.version>2.13.14</scala.library.version>
<avatica.version>1.26.0</avatica.version>
<avro.version>1.11.4</avro.version>
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
