This is an automated email from the ASF dual-hosted git repository.
weichiu pushed a commit to branch branch-3.3
in repository https://gitbox.apache.org/repos/asf/hadoop.git
The following commit(s) were added to refs/heads/branch-3.3 by this push:
new fe8b22c HADOOP-17236. Bump up snakeyaml to 1.26 to mitigate
CVE-2017-18640. Contributed by Brahma Reddy Battula.
fe8b22c is described below
commit fe8b22ca8f44bd48cb00d14bc988599d971b81ca
Author: Brahma Reddy Battula <bra...@apache.org>
AuthorDate: Wed Oct 28 09:26:52 2020 -0700
HADOOP-17236. Bump up snakeyaml to 1.26 to mitigate CVE-2017-18640.
Contributed by Brahma Reddy Battula.
Signed-off-by: Wei-Chiu Chuang <weic...@apache.org>
(cherry picked from commit eb84793af1e48db05ab827d0cf09963a430615ed)
---
hadoop-project/pom.xml | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/hadoop-project/pom.xml b/hadoop-project/pom.xml
index 2d7f40c..6d77b5e 100644
--- a/hadoop-project/pom.xml
+++ b/hadoop-project/pom.xml
@@ -195,7 +195,7 @@
<declared.hadoop.version>${hadoop.version}</declared.hadoop.version>
<swagger-annotations-version>1.5.4</swagger-annotations-version>
- <snakeyaml.version>1.16</snakeyaml.version>
+ <snakeyaml.version>1.26</snakeyaml.version>
<hbase.one.version>1.4.8</hbase.one.version>
<hbase.two.version>2.0.2</hbase.two.version>
<junit.version>4.12</junit.version>
---------------------------------------------------------------------
To unsubscribe, e-mail: common-commits-unsubscr...@hadoop.apache.org
For additional commands, e-mail: common-commits-h...@hadoop.apache.org
