[ambari] branch trunk updated: [AMBARI-24415] Remove dependencies with CVE issues from Ambari Server

Wed, 08 Aug 2018 10:15:01 -0700 

This is an automated email from the ASF dual-hosted git repository.

rlevas pushed a commit to branch trunk
in repository https://gitbox.apache.org/repos/asf/ambari.git


The following commit(s) were added to refs/heads/trunk by this push:
     new 06a15f5  [AMBARI-24415] Remove dependencies with CVE issues from 
Ambari Server
06a15f5 is described below

commit 06a15f593ae6bbe387c007321731f643e5acadcc
Author: Robert Levas <[email protected]>
AuthorDate: Wed Aug 8 11:08:23 2018 -0400

    [AMBARI-24415] Remove dependencies with CVE issues from Ambari Server
---
 ambari-project/pom.xml | 11 ++++++-----
 ambari-server/pom.xml  |  4 ++--
 2 files changed, 8 insertions(+), 7 deletions(-)

diff --git a/ambari-project/pom.xml b/ambari-project/pom.xml
index 6b65835..24d5878 100644
--- a/ambari-project/pom.xml
+++ b/ambari-project/pom.xml
@@ -37,7 +37,8 @@
     <swagger.maven.plugin.version>3.1.4</swagger.maven.plugin.version>
     <slf4j.version>1.7.20</slf4j.version>
     <guice.version>4.1.0</guice.version>
-    <spring.version>4.3.16.RELEASE</spring.version>
+    <spring.version>4.3.17.RELEASE</spring.version>
+    <spring.security.version>4.2.7.RELEASE</spring.security.version>
     <fasterxml.jackson.version>2.9.5</fasterxml.jackson.version>
     <postgres.version>42.2.2</postgres.version>
     <forkCount>4</forkCount>
@@ -163,17 +164,17 @@
       <dependency>
         <groupId>org.springframework.security</groupId>
         <artifactId>spring-security-core</artifactId>
-        <version>4.2.4.RELEASE</version>
+        <version>${spring.security.version}</version>
       </dependency>
       <dependency>
         <groupId>org.springframework.security</groupId>
         <artifactId>spring-security-config</artifactId>
-        <version>4.2.4.RELEASE</version>
+        <version>${spring.security.version}</version>
       </dependency>
       <dependency>
         <groupId>org.springframework.security</groupId>
         <artifactId>spring-security-web</artifactId>
-        <version>4.2.4.RELEASE</version>
+        <version>${spring.security.version}</version>
       </dependency>
       <dependency>
         <groupId>org.springframework.security.kerberos</groupId>
@@ -189,7 +190,7 @@
       <dependency>
         <groupId>org.springframework.security</groupId>
         <artifactId>spring-security-ldap</artifactId>
-        <version>4.1.1.RELEASE</version>
+        <version>${spring.security.version}</version>
       </dependency>
       <dependency>
         <groupId>org.springframework.ldap</groupId>
diff --git a/ambari-server/pom.xml b/ambari-server/pom.xml
index e95574e..b50e19b 100644
--- a/ambari-server/pom.xml
+++ b/ambari-server/pom.xml
@@ -1732,7 +1732,7 @@
     <dependency>
       <groupId>com.jcraft</groupId>
       <artifactId>jsch</artifactId>
-      <version>0.1.45</version>
+      <version>0.1.54</version>
     </dependency>
     <dependency>
       <groupId>org.eclipse.jetty</groupId>
@@ -1791,7 +1791,7 @@
     <dependency>
       <groupId>org.kohsuke</groupId>
       <artifactId>libpam4j</artifactId>
-      <version>1.8</version>
+      <version>1.10</version>
     </dependency>
     <dependency>
       <groupId>net.java.dev.jna</groupId>

Reply via email to