This is an automated email from the ASF dual-hosted git repository.
ayushsaxena pushed a commit to branch trunk
in repository https://gitbox.apache.org/repos/asf/hadoop.git
The following commit(s) were added to refs/heads/trunk by this push:
new 3cb3dfafe508 HADOOP-18924. Upgrade to grpc 1.53.0 due to CVEs (#6161).
Contributed by PJ Fanning.
3cb3dfafe508 is described below
commit 3cb3dfafe508d3c505851749852578dece2d6525
Author: PJ Fanning <pjfann...@users.noreply.github.com>
AuthorDate: Fri Dec 1 05:23:47 2023 +0100
HADOOP-18924. Upgrade to grpc 1.53.0 due to CVEs (#6161). Contributed by PJ
Fanning.
Signed-off-by: Ayush Saxena <ayushsax...@apache.org>
---
LICENSE-binary | 16 ++++++++--------
hadoop-yarn-project/hadoop-yarn/hadoop-yarn-csi/pom.xml | 16 ++++++++++++++--
2 files changed, 22 insertions(+), 10 deletions(-)
diff --git a/LICENSE-binary b/LICENSE-binary
index 90afc172e2d7..1742e787a66b 100644
--- a/LICENSE-binary
+++ b/LICENSE-binary
@@ -250,13 +250,13 @@ commons-daemon:commons-daemon:1.0.13
commons-io:commons-io:2.14.0
commons-net:commons-net:3.9.0
de.ruedigermoeller:fst:2.50
-io.grpc:grpc-api:1.26.0
-io.grpc:grpc-context:1.26.0
-io.grpc:grpc-core:1.26.0
-io.grpc:grpc-netty:1.26.0
-io.grpc:grpc-protobuf:1.26.0
-io.grpc:grpc-protobuf-lite:1.26.0
-io.grpc:grpc-stub:1.26.0
+io.grpc:grpc-api:1.53.0
+io.grpc:grpc-context:1.53.0
+io.grpc:grpc-core:1.53.0
+io.grpc:grpc-netty:1.53.0
+io.grpc:grpc-protobuf:1.53.0
+io.grpc:grpc-protobuf-lite:1.53.0
+io.grpc:grpc-stub:1.53.0
io.netty:netty-all:4.1.100.Final
io.netty:netty-buffer:4.1.100.Final
io.netty:netty-codec:4.1.100.Final
@@ -482,7 +482,7 @@ com.microsoft.sqlserver:mssql-jdbc:6.2.1.jre7
org.bouncycastle:bcpkix-jdk15on:1.68
org.bouncycastle:bcprov-jdk15on:1.68
org.checkerframework:checker-qual:2.5.2
-org.codehaus.mojo:animal-sniffer-annotations:1.17
+org.codehaus.mojo:animal-sniffer-annotations:1.21
org.jruby.jcodings:jcodings:1.0.13
org.jruby.joni:joni:2.1.2
org.slf4j:jul-to-slf4j:jar:1.7.25
diff --git a/hadoop-yarn-project/hadoop-yarn/hadoop-yarn-csi/pom.xml
b/hadoop-yarn-project/hadoop-yarn/hadoop-yarn-csi/pom.xml
index 864067ce9746..38bc9085abf2 100644
--- a/hadoop-yarn-project/hadoop-yarn/hadoop-yarn-csi/pom.xml
+++ b/hadoop-yarn-project/hadoop-yarn/hadoop-yarn-csi/pom.xml
@@ -26,7 +26,8 @@
<packaging>jar</packaging>
<properties>
- <grpc.version>1.26.0</grpc.version>
+ <grpc.version>1.53.0</grpc.version>
+ <animal-sniffer.version>1.21</animal-sniffer.version>
</properties>
<dependencies>
@@ -48,6 +49,17 @@
<groupId>io.grpc</groupId>
<artifactId>grpc-core</artifactId>
<version>${grpc.version}</version>
+ <exclusions>
+ <exclusion>
+ <groupId>org.codehaus.mojo</groupId>
+ <artifactId>animal-sniffer-annotations</artifactId>
+ </exclusion>
+ </exclusions>
+ </dependency>
+ <dependency>
+ <groupId>org.codehaus.mojo</groupId>
+ <artifactId>animal-sniffer-annotations</artifactId>
+ <version>${animal-sniffer.version}</version>
</dependency>
<dependency>
<groupId>io.grpc</groupId>
@@ -197,7 +209,7 @@
<configuration>
<protocArtifact>com.google.protobuf:protoc:${hadoop.protobuf.version}:exe:${os.detected.classifier}</protocArtifact>
<pluginId>grpc-java</pluginId>
-
<pluginArtifact>io.grpc:protoc-gen-grpc-java:1.26.0:exe:${os.detected.classifier}</pluginArtifact>
+
<pluginArtifact>io.grpc:protoc-gen-grpc-java:${grpc.version}:exe:${os.detected.classifier}</pluginArtifact>
</configuration>
<executions>
<execution>
---------------------------------------------------------------------
To unsubscribe, e-mail: common-commits-unsubscr...@hadoop.apache.org
For additional commands, e-mail: common-commits-h...@hadoop.apache.org
