This is an automated email from the ASF dual-hosted git repository.
cutlerb pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/arrow.git
The following commit(s) were added to refs/heads/master by this push:
new ada9569 ARROW-9370: [Java] Bump Netty version
ada9569 is described below
commit ada956905feb103d2cf37e6da5fc7b25813ba4b8
Author: Ryan Murray <[email protected]>
AuthorDate: Wed Jul 8 22:51:28 2020 -0700
ARROW-9370: [Java] Bump Netty version
As per https://github.com/apache/arrow/pull/7619#issuecomment-655246147
there is a security
vulnerability in the current version of Netty. This upgrades to the latest
version.
A compatible upgrade of grpc was also required
Closes #7677 from rymurr/ARROW-9370
Authored-by: Ryan Murray <[email protected]>
Signed-off-by: Bryan Cutler <[email protected]>
---
java/flight/flight-core/pom.xml | 4 ++--
java/flight/flight-grpc/pom.xml | 2 +-
java/pom.xml | 2 +-
3 files changed, 4 insertions(+), 4 deletions(-)
diff --git a/java/flight/flight-core/pom.xml b/java/flight/flight-core/pom.xml
index a2aac99..2037363 100644
--- a/java/flight/flight-core/pom.xml
+++ b/java/flight/flight-core/pom.xml
@@ -24,7 +24,7 @@
<packaging>jar</packaging>
<properties>
- <dep.grpc.version>1.24.0</dep.grpc.version>
+ <dep.grpc.version>1.30.2</dep.grpc.version>
<dep.protobuf.version>3.7.1</dep.protobuf.version>
<forkCount>1</forkCount>
</properties>
@@ -64,7 +64,7 @@
<dependency>
<groupId>io.netty</groupId>
<artifactId>netty-tcnative-boringssl-static</artifactId>
- <version>2.0.12.Final</version>
+ <version>2.0.31.Final</version>
</dependency>
<dependency>
<groupId>io.netty</groupId>
diff --git a/java/flight/flight-grpc/pom.xml b/java/flight/flight-grpc/pom.xml
index 6225677..1c7bf70 100644
--- a/java/flight/flight-grpc/pom.xml
+++ b/java/flight/flight-grpc/pom.xml
@@ -24,7 +24,7 @@
<packaging>jar</packaging>
<properties>
- <dep.grpc.version>1.24.0</dep.grpc.version>
+ <dep.grpc.version>1.30.2</dep.grpc.version>
<dep.protobuf.version>3.7.1</dep.protobuf.version>
<forkCount>1</forkCount>
</properties>
diff --git a/java/pom.xml b/java/pom.xml
index a8ef939..8058707 100644
--- a/java/pom.xml
+++ b/java/pom.xml
@@ -33,7 +33,7 @@
<dep.junit.jupiter.version>5.4.0</dep.junit.jupiter.version>
<dep.slf4j.version>1.7.25</dep.slf4j.version>
<dep.guava.version>20.0</dep.guava.version>
- <dep.netty.version>4.1.27.Final</dep.netty.version>
+ <dep.netty.version>4.1.48.Final</dep.netty.version>
<dep.jackson.version>2.9.8</dep.jackson.version>
<dep.hadoop.version>2.7.1</dep.hadoop.version>
<dep.fbs.version>1.9.0</dep.fbs.version>
