[
https://issues.apache.org/jira/browse/GEODE-8496?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17219117#comment-17219117
]
ASF subversion and git services commented on GEODE-8496:
--------------------------------------------------------
Commit 54527eb0395cc851c2aaccfac811cbec8252d712 in geode's branch
refs/heads/develop from Owen Nichols
[ https://gitbox.apache.org/repos/asf?p=geode.git;h=54527eb ]
GEODE-8496: top off dependency updates for 1.14 (#5652)
* Bump spring-security from 5.4.0 to 5.4.1
* Bump jackson and jackson-databind from 2.11.2 to 2.11.3
* Bump netty-all from 4.1.52.Final to 4.1.53.Final
* Bump mysql-connector-java from 8.0.21 to 8.0.22
* Bump httpclient from 4.5.12 to 4.5.13
* Bump tomcat9 from 9.0.38 to 9.0.39
* Bump tomcat8 from 8.5.58 to 8.5.59
* Bump cargo from 1.8.1 to 1.8.2
* Bump jetty from 9.4.31.v20200723 to 9.4.32.v20200930
* Bump jmh from 1.25.2 to 1.26
* Bump guava from 29.0-jre to 30.0-jre
* Bump mockrunner-servlet from 2.0.4 to 2.0.6
* Bump pmd from 6.27.0 to 6.28.0
* Bump junit from 4.13 to 4.13.1
* Bump junit-quickcheck from 0.9.4 to 0.9.5
* Bump mockito-core from 3.5.11 to 3.5.15
* Bump compiler from 2.3.6 to 2.4.0
> bump dependencies for 1.14
> --------------------------
>
> Key: GEODE-8496
> URL: https://issues.apache.org/jira/browse/GEODE-8496
> Project: Geode
> Issue Type: Improvement
> Components: build
> Reporter: Owen Nichols
> Priority: Major
> Labels: pull-request-available
> Fix For: 1.14.0
>
>
> now is a good time in the lull between 1.13 and 1.14 to roll 3rd party
> libraries to latest versions wherever possible. Doing this proactively helps
> us stay ahead of CVEs and keep up with bugfixes.
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
