This is an automated email from the ASF dual-hosted git repository.
zjffdu pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/zeppelin.git
The following commit(s) were added to refs/heads/master by this push:
new eab9a52 [ZEPPELIN-4472] Upgrade Shiro to 1.4.2 to fix CVEs
eab9a52 is described below
commit eab9a52711ae968c02c195560bfa8f94d80acf13
Author: Alex Ott <alex...@gmail.com>
AuthorDate: Sun Dec 8 13:53:14 2019 +0100
[ZEPPELIN-4472] Upgrade Shiro to 1.4.2 to fix CVEs
### What is this PR for?
Bumps Shiro dependency to 1.4.2 to fix possible problems with CVE.
### What type of PR is it?
Improvement
### What is the Jira issue?
* https://issues.apache.org/jira/browse/ZEPPELIN-4472
### How should this be tested?
* Travis-CI build: https://travis-ci.org/alexott/zeppelin/builds/622262158
- one test is failing, something wrong with Livy interpreter.
Author: Alex Ott <alex...@gmail.com>
Closes #3546 from alexott/ZEPPELIN-4472 and squashes the following commits:
f926d7d7c [Alex Ott] [ZEPPELIN-4472] Upgrade Shiro to 1.4.2 to fix CVEs
---
pom.xml | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/pom.xml b/pom.xml
index d4d8d6e..cbd9b14 100644
--- a/pom.xml
+++ b/pom.xml
@@ -128,7 +128,7 @@
<commons.collections.version>3.2.2</commons.collections.version>
<commons.logging.version>1.1.1</commons.logging.version>
<commons.cli.version>1.3.1</commons.cli.version>
- <shiro.version>1.4.0</shiro.version>
+ <shiro.version>1.4.2</shiro.version>
<joda.version>2.9.9</joda.version>
<!-- test library versions -->
