[ambari] branch branch-2.7 updated: AMBARI-25571. Vulnerable Spring components in Ambari - CVE-2020-5398, CVE-2020-5421 (dlysnichenko) (#3246)

dmitriusan Mon, 19 Oct 2020 10:02:16 -0700

This is an automated email from the ASF dual-hosted git repository.

dmitriusan pushed a commit to branch branch-2.7
in repository https://gitbox.apache.org/repos/asf/ambari.git



The following commit(s) were added to refs/heads/branch-2.7 by this push:
     new 0740dce  AMBARI-25571. Vulnerable Spring components in Ambari - 
CVE-2020-5398, CVE-2020-5421 (dlysnichenko) (#3246)
0740dce is described below

commit 0740dce35dd4af783c357d24c9add0d24cb1be79
Author: Lisnichenko Dmitro <[email protected]>
AuthorDate: Mon Oct 19 20:01:01 2020 +0300

    AMBARI-25571. Vulnerable Spring components in Ambari - CVE-2020-5398, 
CVE-2020-5421 (dlysnichenko) (#3246)
---
 ambari-infra/ambari-infra-manager/pom.xml        | 4 ++--
 ambari-logsearch/ambari-logsearch-server/pom.xml | 4 ++--
 ambari-project/pom.xml                           | 4 ++--
 3 files changed, 6 insertions(+), 6 deletions(-)

diff --git a/ambari-infra/ambari-infra-manager/pom.xml 
b/ambari-infra/ambari-infra-manager/pom.xml
index abf8571..8dac3b1 100644
--- a/ambari-infra/ambari-infra-manager/pom.xml
+++ b/ambari-infra/ambari-infra-manager/pom.xml
@@ -29,8 +29,8 @@
   <artifactId>ambari-infra-manager</artifactId>
 
   <properties>
-    <spring.version>5.1.8.RELEASE</spring.version>
-    <spring.security.version>5.1.5.RELEASE</spring.security.version>
+    <spring.version>5.1.18.RELEASE</spring.version>
+    <spring.security.version>5.1.13.RELEASE</spring.security.version>
     <spring.ldap.version>2.3.2.RELEASE</spring.ldap.version>
     <jersey.version>2.27</jersey.version>
     <spring-batch.version>4.1.1.RELEASE</spring-batch.version>
diff --git a/ambari-logsearch/ambari-logsearch-server/pom.xml 
b/ambari-logsearch/ambari-logsearch-server/pom.xml
index e265c3d..f8bc27a 100755
--- a/ambari-logsearch/ambari-logsearch-server/pom.xml
+++ b/ambari-logsearch/ambari-logsearch-server/pom.xml
@@ -26,8 +26,8 @@
   <packaging>jar</packaging>
   <name>Ambari Logsearch Server</name>
   <properties>
-    <spring.version>5.1.8.RELEASE</spring.version>
-    <spring.security.version>5.1.5.RELEASE</spring.security.version>
+    <spring.version>5.1.18.RELEASE</spring.version>
+    <spring.security.version>5.1.13.RELEASE</spring.security.version>
     <spring-data-solr.version>3.0.10.RELEASE</spring-data-solr.version>
     <spring-data.version>2.0.10.RELEASE</spring-data.version>
     <spring-boot.version>2.1.5.RELEASE</spring-boot.version>
diff --git a/ambari-project/pom.xml b/ambari-project/pom.xml
index e2010e3..d294876 100644
--- a/ambari-project/pom.xml
+++ b/ambari-project/pom.xml
@@ -38,8 +38,8 @@
     <swagger.maven.plugin.version>3.1.4</swagger.maven.plugin.version>
     <slf4j.version>1.7.20</slf4j.version>
     <guice.version>4.1.0</guice.version>
-    <spring.version>5.1.8.RELEASE</spring.version>
-    <spring.security.version>5.1.5.RELEASE</spring.security.version>
+    <spring.version>5.1.18.RELEASE</spring.version>
+    <spring.security.version>5.1.13.RELEASE</spring.security.version>
     <fasterxml.jackson.version>2.10.0</fasterxml.jackson.version>
     
<fasterxml.jackson.databind.version>2.10.0</fasterxml.jackson.databind.version>
     <postgres.version>42.2.2</postgres.version>

[ambari] branch branch-2.7 updated: AMBARI-25571. Vulnerable Spring components in Ambari - CVE-2020-5398, CVE-2020-5421 (dlysnichenko) (#3246)

Reply via email to