This is an automated email from the ASF dual-hosted git repository. zjffdu pushed a commit to branch master in repository https://gitbox.apache.org/repos/asf/zeppelin.git
The following commit(s) were added to refs/heads/master by this push: new eab9a52 [ZEPPELIN-4472] Upgrade Shiro to 1.4.2 to fix CVEs eab9a52 is described below commit eab9a52711ae968c02c195560bfa8f94d80acf13 Author: Alex Ott <alex...@gmail.com> AuthorDate: Sun Dec 8 13:53:14 2019 +0100 [ZEPPELIN-4472] Upgrade Shiro to 1.4.2 to fix CVEs ### What is this PR for? Bumps Shiro dependency to 1.4.2 to fix possible problems with CVE. ### What type of PR is it? Improvement ### What is the Jira issue? * https://issues.apache.org/jira/browse/ZEPPELIN-4472 ### How should this be tested? * Travis-CI build: https://travis-ci.org/alexott/zeppelin/builds/622262158 - one test is failing, something wrong with Livy interpreter. Author: Alex Ott <alex...@gmail.com> Closes #3546 from alexott/ZEPPELIN-4472 and squashes the following commits: f926d7d7c [Alex Ott] [ZEPPELIN-4472] Upgrade Shiro to 1.4.2 to fix CVEs --- pom.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pom.xml b/pom.xml index d4d8d6e..cbd9b14 100644 --- a/pom.xml +++ b/pom.xml @@ -128,7 +128,7 @@ <commons.collections.version>3.2.2</commons.collections.version> <commons.logging.version>1.1.1</commons.logging.version> <commons.cli.version>1.3.1</commons.cli.version> - <shiro.version>1.4.0</shiro.version> + <shiro.version>1.4.2</shiro.version> <joda.version>2.9.9</joda.version> <!-- test library versions -->