[druid] branch master updated: Fix CVE-2022-2048 (jetty) and CVE-2022-31159 (aws-java-sdk-s3) (#12807)

Thu, 21 Jul 2022 00:38:37 -0700 

This is an automated email from the ASF dual-hosted git repository.

kfaraz pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/druid.git


The following commit(s) were added to refs/heads/master by this push:
     new 9e5f0109fd Fix CVE-2022-2048 (jetty) and CVE-2022-31159 
(aws-java-sdk-s3) (#12807)
9e5f0109fd is described below

commit 9e5f0109fd00ffbed2ee80ebb0dfae253660ed5f
Author: Kashif Faraz <[email protected]>
AuthorDate: Thu Jul 21 13:08:18 2022 +0530

    Fix CVE-2022-2048 (jetty) and CVE-2022-31159 (aws-java-sdk-s3) (#12807)
    
    Changes:
    - Upgrade aws sdk version from `1.12.37` to `1.12.264`
    - Upgrade jetty version from `9.4.41.v20210516` to `9.4.47.v20220610`
---
 licenses.yaml | 4 ++--
 pom.xml       | 4 ++--
 2 files changed, 4 insertions(+), 4 deletions(-)

diff --git a/licenses.yaml b/licenses.yaml
index 203cba91ec..2188e3e87e 100644
--- a/licenses.yaml
+++ b/licenses.yaml
@@ -178,7 +178,7 @@ name: AWS SDK for Java
 license_category: binary
 module: java-core
 license_name: Apache License version 2.0
-version: 1.12.37
+version: 1.12.264
 libraries:
   - com.amazonaws: aws-java-sdk-core
   - com.amazonaws: aws-java-sdk-ec2
@@ -2022,7 +2022,7 @@ name: Jetty
 license_category: binary
 module: java-core
 license_name: Apache License version 2.0
-version: 9.4.41.v20210516
+version: 9.4.47.v20220610
 libraries:
   - org.eclipse.jetty: jetty-client
   - org.eclipse.jetty: jetty-continuation
diff --git a/pom.xml b/pom.xml
index d1dac7fa20..f4dee431f8 100644
--- a/pom.xml
+++ b/pom.xml
@@ -95,7 +95,7 @@
         <guava.version>16.0.1</guava.version>
         <guice.version>4.1.0</guice.version>
         <hamcrest.version>1.3</hamcrest.version>
-        <jetty.version>9.4.41.v20210516</jetty.version>
+        <jetty.version>9.4.47.v20220610</jetty.version>
         <jersey.version>1.19.4</jersey.version>
         <jackson.version>2.10.5.20201202</jackson.version>
         <codehaus.jackson.version>1.9.13</codehaus.jackson.version>
@@ -111,7 +111,7 @@
         <!-- If compiling with different hadoop version also modify default 
hadoop coordinates in TaskConfig.java -->
         <hadoop.compile.version>2.8.5</hadoop.compile.version>
         <mockito.version>4.3.1</mockito.version>
-        <aws.sdk.version>1.12.37</aws.sdk.version>
+        <aws.sdk.version>1.12.264</aws.sdk.version>
         <caffeine.version>2.8.0</caffeine.version>
         <jacoco.version>0.8.7</jacoco.version>
         <hibernate-validator.version>5.2.5.Final</hibernate-validator.version>


---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]

Reply via email to