[ambari] branch trunk updated: [AMBARI-23691] Fix CVE security issues in AMS dependencies. (#1097)

Wed, 25 Apr 2018 22:35:52 -0700 

This is an automated email from the ASF dual-hosted git repository.

swagle pushed a commit to branch trunk
in repository https://gitbox.apache.org/repos/asf/ambari.git


The following commit(s) were added to refs/heads/trunk by this push:
     new 5cc76a8  [AMBARI-23691] Fix CVE security issues in AMS dependencies. 
(#1097)
5cc76a8 is described below

commit 5cc76a8604c6ef8edb1c2c5f42b139d65913a0e7
Author: avijayanhwx <[email protected]>
AuthorDate: Wed Apr 25 22:35:03 2018 -0700

    [AMBARI-23691] Fix CVE security issues in AMS dependencies. (#1097)
---
 ambari-metrics/ambari-metrics-common/pom.xml          | 2 +-
 ambari-metrics/ambari-metrics-hadoop-sink/pom.xml     | 5 ++---
 ambari-metrics/ambari-metrics-host-aggregator/pom.xml | 2 +-
 ambari-metrics/ambari-metrics-kafka-sink/pom.xml      | 2 +-
 ambari-metrics/ambari-metrics-timelineservice/pom.xml | 9 +++++++++
 5 files changed, 14 insertions(+), 6 deletions(-)

diff --git a/ambari-metrics/ambari-metrics-common/pom.xml 
b/ambari-metrics/ambari-metrics-common/pom.xml
index 872e2b4..99b4331 100644
--- a/ambari-metrics/ambari-metrics-common/pom.xml
+++ b/ambari-metrics/ambari-metrics-common/pom.xml
@@ -155,7 +155,7 @@
     <dependency>
       <groupId>org.apache.curator</groupId>
       <artifactId>curator-framework</artifactId>
-      <version>2.12.0</version>
+      <version>4.0.0</version>
     </dependency>
     <dependency>
       <groupId>org.codehaus.jackson</groupId>
diff --git a/ambari-metrics/ambari-metrics-hadoop-sink/pom.xml 
b/ambari-metrics/ambari-metrics-hadoop-sink/pom.xml
index 0b291cb..97d573a0 100644
--- a/ambari-metrics/ambari-metrics-hadoop-sink/pom.xml
+++ b/ambari-metrics/ambari-metrics-hadoop-sink/pom.xml
@@ -31,7 +31,6 @@ limitations under the License.
   <packaging>jar</packaging>
   <properties>
     
<sinkJarName>${project.artifactId}-with-common-${project.version}.jar</sinkJarName>
-    <hadoopVersion>3.0.0-beta1</hadoopVersion>
   </properties>
 
 
@@ -142,7 +141,7 @@ limitations under the License.
     <dependency>
       <groupId>org.apache.hadoop</groupId>
       <artifactId>hadoop-common</artifactId>
-      <version>${hadoopVersion}</version>
+      <version>3.0.0</version>
       <scope>compile</scope>
     </dependency>
     <dependency>
@@ -171,7 +170,7 @@ limitations under the License.
     <dependency>
       <groupId>commons-configuration</groupId>
       <artifactId>commons-configuration</artifactId>
-      <version>1.6</version>
+      <version>1.10</version>
       <scope>compile</scope>
     </dependency>
     <dependency>
diff --git a/ambari-metrics/ambari-metrics-host-aggregator/pom.xml 
b/ambari-metrics/ambari-metrics-host-aggregator/pom.xml
index d126be5..41081d0 100644
--- a/ambari-metrics/ambari-metrics-host-aggregator/pom.xml
+++ b/ambari-metrics/ambari-metrics-host-aggregator/pom.xml
@@ -75,7 +75,7 @@
         <dependency>
             <groupId>org.apache.hadoop</groupId>
             <artifactId>hadoop-common</artifactId>
-            <version>2.7.1.2.3.4.0-3347</version>
+            <version>3.0.0</version>
         </dependency>
         <dependency>
             <groupId>com.sun.jersey.jersey-test-framework</groupId>
diff --git a/ambari-metrics/ambari-metrics-kafka-sink/pom.xml 
b/ambari-metrics/ambari-metrics-kafka-sink/pom.xml
index 91f8fe7..46afed3 100644
--- a/ambari-metrics/ambari-metrics-kafka-sink/pom.xml
+++ b/ambari-metrics/ambari-metrics-kafka-sink/pom.xml
@@ -144,7 +144,7 @@ limitations under the License.
     <dependency>
       <groupId>org.apache.kafka</groupId>
       <artifactId>kafka_2.10</artifactId>
-      <version>0.10.1.0</version>
+      <version>0.10.2.1</version>
       <exclusions>
         <exclusion>
           <groupId>com.sun.jdmk</groupId>
diff --git a/ambari-metrics/ambari-metrics-timelineservice/pom.xml 
b/ambari-metrics/ambari-metrics-timelineservice/pom.xml
index 98744a1..fcb8186 100644
--- a/ambari-metrics/ambari-metrics-timelineservice/pom.xml
+++ b/ambari-metrics/ambari-metrics-timelineservice/pom.xml
@@ -311,6 +311,10 @@
           <artifactId>zkclient</artifactId>
           <groupId>com.101tec</groupId>
         </exclusion>
+        <exclusion>
+          <artifactId>zookeeper</artifactId>
+          <groupId>org.apache.zookeeper</groupId>
+        </exclusion>
       </exclusions>
     </dependency>
     <!-- zkclient is helix-core dependency but it need to be 0.9 in order for 
AMS HA to work on secure cluster-->
@@ -320,6 +324,11 @@
       <version>0.9</version>
     </dependency>
     <dependency>
+      <groupId>org.apache.zookeeper</groupId>
+      <artifactId>zookeeper</artifactId>
+      <version>3.4.5.1.3.0.0-107</version>
+    </dependency>
+    <dependency>
       <groupId>org.apache.phoenix</groupId>
       <artifactId>phoenix-core</artifactId>
       <version>${phoenix.version}</version>

-- 
To stop receiving notification emails like this one, please contact
[email protected].

Reply via email to