This is an automated email from the ASF dual-hosted git repository.
xxyu pushed a commit to branch kylin5
in repository https://gitbox.apache.org/repos/asf/kylin.git
commit c69296d45318f2c828788304e6d0fcd357070071
Author: Yinghao Lin <39019287+yhca...@users.noreply.github.com>
AuthorDate: Thu Dec 15 11:48:42 2022 +0800
KYLIN-5435 [FOLLOW UP] Fix vulnerabilites
---
pom.xml | 10 ++--------
1 file changed, 2 insertions(+), 8 deletions(-)
diff --git a/pom.xml b/pom.xml
index 216c385e72..8d228649d4 100644
--- a/pom.xml
+++ b/pom.xml
@@ -190,7 +190,7 @@
<cglib.version>3.2.4</cglib.version>
<supercsv.version>2.4.0</supercsv.version>
<cors.version>2.5</cors.version>
- <tomcat.version>9.0.63</tomcat.version>
+ <tomcat.version>9.0.68</tomcat.version>
<t-digest.version>3.1.1-kylin-r1</t-digest.version>
<jsonpath.version>2.3.0</jsonpath.version>
<lombok.version>1.18.2</lombok.version>
@@ -205,11 +205,10 @@
<dropwizard.version>4.1.1</dropwizard.version>
<spring.cloud.version>2021.0.0</spring.cloud.version>
- <spring.boot.version>2.6.8</spring.boot.version>
+ <spring.boot.version>2.6.14</spring.boot.version>
<spring-boot-admin.version>2.6.6</spring-boot-admin.version>
<spring-session.version>2.6.1-kylin-r4</spring-session.version>
<spring.framework.security.extensions.version>1.0.10.RELEASE</spring.framework.security.extensions.version>
- <spring-security-web.version>5.6.9</spring-security-web.version>
<opensaml.version>2.6.6</opensaml.version>
<aspectj.version>1.8.9</aspectj.version>
<unboundid-ldapsdk.version>3.1.1</unboundid-ldapsdk.version>
@@ -2360,11 +2359,6 @@
</dependency>
<!-- Spring Security -->
- <dependency>
- <groupId>org.springframework.security</groupId>
- <artifactId>spring-security-web</artifactId>
- <version>${spring-security-web.version}</version>
- </dependency>
<dependency>
<groupId>org.springframework.security.extensions</groupId>
<artifactId>spring-security-saml2-core</artifactId>
