This is an automated email from the ASF dual-hosted git repository.
suneet pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/druid.git
The following commit(s) were added to refs/heads/master by this push:
new 3f456fe Address CVE-2021-35515 CVE-2021-36090 (#11496)
3f456fe is described below
commit 3f456fe3050604436695c6d6d741f577c4293d4a
Author: Suneet Saldanha <[email protected]>
AuthorDate: Mon Jul 26 14:54:32 2021 -0700
Address CVE-2021-35515 CVE-2021-36090 (#11496)
* Address CVE-2021-35515 CVE-2021-36090
Bump commons-compress to deal with new CVEs
* fix licenses
---
licenses.yaml | 16 +---------------
pom.xml | 2 +-
2 files changed, 2 insertions(+), 16 deletions(-)
diff --git a/licenses.yaml b/licenses.yaml
index acc6470..88f6bf2 100644
--- a/licenses.yaml
+++ b/licenses.yaml
@@ -621,7 +621,7 @@ name: Apache Commons Compress
license_category: binary
module: java-core
license_name: Apache License version 2.0
-version: 1.18
+version: 1.21
libraries:
- org.apache.commons: commons-compress
notices:
@@ -3002,20 +3002,6 @@ notices:
---
-name: Apache Commons Compress
-license_category: binary
-module: hadoop-client
-license_name: Apache License version 2.0
-version: 1.19
-libraries:
- - org.apache.commons: commons-compress
-notices:
- - commons-compress: |
- Apache Commons Compress
- Copyright 2002-2012 The Apache Software Foundation
-
----
-
name: Apache Commons Math
license_category: binary
module: hadoop-client
diff --git a/pom.xml b/pom.xml
index eb066a4..6313a87 100644
--- a/pom.xml
+++ b/pom.xml
@@ -436,7 +436,7 @@
<dependency>
<groupId>org.apache.commons</groupId>
<artifactId>commons-compress</artifactId>
- <version>1.19</version>
+ <version>1.21</version>
</dependency>
<dependency>
<groupId>org.tukaani</groupId>
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
