This is an automated email from the ASF dual-hosted git repository.
ayushsaxena pushed a commit to branch branch-3.2
in repository https://gitbox.apache.org/repos/asf/hadoop.git
The following commit(s) were added to refs/heads/branch-3.2 by this push:
new 9208218 HADOOP-17633. Bump json-smart to 2.4.2 and nimbus-jose-jwt to
9.8 due to CVEs (#2895). Contributed by Viraj Jasani.
9208218 is described below
commit 92082187043e1ad2d4b333a428bb3a29a3d423f9
Author: Viraj Jasani <[email protected]>
AuthorDate: Fri Apr 16 12:36:01 2021 +0530
HADOOP-17633. Bump json-smart to 2.4.2 and nimbus-jose-jwt to 9.8 due to
CVEs (#2895). Contributed by Viraj Jasani.
Signed-off-by: Ayush Saxena <[email protected]>
Conflicts:
LICENSE-binary
---
hadoop-project/pom.xml | 6 ++++--
1 file changed, 4 insertions(+), 2 deletions(-)
diff --git a/hadoop-project/pom.xml b/hadoop-project/pom.xml
index 7231f3f..9bc82c4 100644
--- a/hadoop-project/pom.xml
+++ b/hadoop-project/pom.xml
@@ -185,6 +185,8 @@
<hbase.two.version>2.0.0-beta-1</hbase.two.version>
<junit.version>4.13.1</junit.version>
<woodstox.version>5.3.0</woodstox.version>
+ <json-smart.version>2.4.2</json-smart.version>
+ <nimbus-jose-jwt.version>9.8.1</nimbus-jose-jwt.version>
</properties>
<dependencyManagement>
@@ -1350,7 +1352,7 @@
<dependency>
<groupId>com.nimbusds</groupId>
<artifactId>nimbus-jose-jwt</artifactId>
- <version>7.9</version>
+ <version>${nimbus-jose-jwt.version}</version>
<scope>compile</scope>
<exclusions>
<exclusion>
@@ -1373,7 +1375,7 @@
-->
<groupId>net.minidev</groupId>
<artifactId>json-smart</artifactId>
- <version>2.3</version>
+ <version>${json-smart.version}</version>
</dependency>
<dependency>
<groupId>org.skyscreamer</groupId>
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
