This is an automated email from the ASF dual-hosted git repository. oleewere pushed a commit to branch branch-2.7 in repository https://gitbox.apache.org/repos/asf/ambari.git
The following commit(s) were added to refs/heads/branch-2.7 by this push: new f613ada AMBARI-24765. Fix CVE issues for Log Search (2.7.3) (#2445) f613ada is described below commit f613ada643f74766f5ac5b55d095f483287eae9d Author: Olivér Szabó <oleew...@gmail.com> AuthorDate: Fri Oct 12 12:10:25 2018 +0200 AMBARI-24765. Fix CVE issues for Log Search (2.7.3) (#2445) --- .../ambari-logsearch-logfeeder-container-registry/pom.xml | 6 +++--- ambari-logsearch/ambari-logsearch-logfeeder/pom.xml | 5 +++-- ambari-logsearch/ambari-logsearch-server/pom.xml | 14 ++++++++------ ambari-logsearch/pom.xml | 6 +++--- 4 files changed, 17 insertions(+), 14 deletions(-) diff --git a/ambari-logsearch/ambari-logsearch-logfeeder-container-registry/pom.xml b/ambari-logsearch/ambari-logsearch-logfeeder-container-registry/pom.xml index f9ed6dd..5c2cbc7 100644 --- a/ambari-logsearch/ambari-logsearch-logfeeder-container-registry/pom.xml +++ b/ambari-logsearch/ambari-logsearch-logfeeder-container-registry/pom.xml @@ -46,12 +46,12 @@ <dependency> <groupId>com.fasterxml.jackson.core</groupId> <artifactId>jackson-databind</artifactId> - <version>2.9.4</version> + <version>2.9.5</version> </dependency> <dependency> <groupId>com.fasterxml.jackson.core</groupId> <artifactId>jackson-annotations</artifactId> - <version>2.9.4</version> + <version>2.9.5</version> </dependency> <dependency> <groupId>commons-lang</groupId> @@ -82,4 +82,4 @@ </plugin> </plugins> </build> -</project> \ No newline at end of file +</project> diff --git a/ambari-logsearch/ambari-logsearch-logfeeder/pom.xml b/ambari-logsearch/ambari-logsearch-logfeeder/pom.xml index 3eb4763..c11faa9 100644 --- a/ambari-logsearch/ambari-logsearch-logfeeder/pom.xml +++ b/ambari-logsearch/ambari-logsearch-logfeeder/pom.xml @@ -33,8 +33,8 @@ <properties> <project.build.sourceEncoding>UTF-8</project.build.sourceEncoding> - <spring.version>4.3.17.RELEASE</spring.version> - <spring-boot.version>1.5.13.RELEASE</spring-boot.version> + <spring.version>4.3.18.RELEASE</spring.version> + <spring-boot.version>1.5.14.RELEASE</spring-boot.version> </properties> <dependencies> @@ -298,6 +298,7 @@ </goals> <configuration> + <excludeArtifactIds>spring-boot-starter,spring-boot-starter-log4j</excludeArtifactIds> <outputAbsoluteArtifactFilename>true</outputAbsoluteArtifactFilename> <outputDirectory>${basedir}/target/libs</outputDirectory> <overWriteReleases>false</overWriteReleases> diff --git a/ambari-logsearch/ambari-logsearch-server/pom.xml b/ambari-logsearch/ambari-logsearch-server/pom.xml index 5637efa..b35e2f8 100755 --- a/ambari-logsearch/ambari-logsearch-server/pom.xml +++ b/ambari-logsearch/ambari-logsearch-server/pom.xml @@ -27,7 +27,7 @@ <url>http://maven.apache.org</url> <name>Ambari Logsearch Server</name> <properties> - <spring.version>4.3.17.RELEASE</spring.version> + <spring.version>4.3.18.RELEASE</spring.version> <spring.security.version>4.2.4.RELEASE</spring.security.version> <spring.ldap.version>2.2.0.RELEASE</spring.ldap.version> <jersey.version>2.25.1</jersey.version> @@ -35,7 +35,7 @@ <swagger.version>1.5.16</swagger.version> <spring-data-solr.version>2.0.2.RELEASE</spring-data-solr.version> <jjwt.version>0.6.0</jjwt.version> - <spring-boot.version>1.5.13.RELEASE</spring-boot.version> + <spring-boot.version>1.5.14.RELEASE</spring-boot.version> </properties> <profiles> <profile> @@ -107,7 +107,9 @@ <goal>copy-dependencies</goal> </goals> <configuration> - <excludeArtifactIds>ambari-logsearch-web</excludeArtifactIds> + <excludeArtifactIds>ambari-logsearch-web,spring-boot-starter,spring-boot-starter-actuator, + spring-boot-starter-freemarker,spring-boot-starter-jersey,spring-boot-starter-jetty,spring-boot-starter-json, + spring-boot-starter-log4j,spring-boot-starter-security,spring-boot-starter-validation,spring-boot-starter-web</excludeArtifactIds> <outputAbsoluteArtifactFilename>true</outputAbsoluteArtifactFilename> <outputDirectory>${basedir}/target/libs</outputDirectory> <overWriteReleases>false</overWriteReleases> @@ -479,7 +481,7 @@ <dependency> <groupId>org.springframework.data</groupId> <artifactId>spring-data-commons</artifactId> - <version>1.13.11.RELEASE</version> + <version>1.13.12.RELEASE</version> </dependency> <dependency> <groupId>org.springframework</groupId> @@ -494,12 +496,12 @@ <dependency> <groupId>org.bouncycastle</groupId> <artifactId>bcprov-jdk15on</artifactId> - <version>1.55</version> + <version>1.60</version> </dependency> <dependency> <groupId>org.bouncycastle</groupId> <artifactId>bcpkix-jdk15on</artifactId> - <version>1.55</version> + <version>1.60</version> </dependency> <dependency> <groupId>org.apache.ambari</groupId> diff --git a/ambari-logsearch/pom.xml b/ambari-logsearch/pom.xml index 1865291..a30860d 100644 --- a/ambari-logsearch/pom.xml +++ b/ambari-logsearch/pom.xml @@ -327,17 +327,17 @@ <dependency> <groupId>com.fasterxml.jackson.core</groupId> <artifactId>jackson-databind</artifactId> - <version>2.9.4</version> + <version>2.9.5</version> </dependency> <dependency> <groupId>com.fasterxml.jackson.core</groupId> <artifactId>jackson-annotations</artifactId> - <version>2.9.4</version> + <version>2.9.5</version> </dependency> <dependency> <groupId>com.fasterxml.jackson.dataformat</groupId> <artifactId>jackson-dataformat-xml</artifactId> - <version>2.9.4</version> + <version>2.9.5</version> <exclusions> <exclusion> <groupId>com.fasterxml.woodstox</groupId>