[hbase] branch master updated: HBASE-27424 Upgrade Jettison for CVE-2022-40149/40150 (#4822)

apurtell Tue, 11 Oct 2022 10:11:23 -0700

This is an automated email from the ASF dual-hosted git repository.

apurtell pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/hbase.git



The following commit(s) were added to refs/heads/master by this push:
     new f47a52b5f9a HBASE-27424 Upgrade Jettison for CVE-2022-40149/40150 
(#4822)
f47a52b5f9a is described below

commit f47a52b5f9a5be2be39389085ad6afb212068313
Author: Andrew Purtell <[email protected]>
AuthorDate: Tue Oct 11 10:11:12 2022 -0700

    HBASE-27424 Upgrade Jettison for CVE-2022-40149/40150 (#4822)
    
    Jettison versions <= 1.5.0 are subject to CVE-2022-40149 and CVE-2022-40150.
    
    Move jettison.version to 1.5.1.
    
    Signed-off-by: Duo Zhang <[email protected]>
---
 pom.xml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/pom.xml b/pom.xml
index b48001a31ab..d923e8cf883 100644
--- a/pom.xml
+++ b/pom.xml
@@ -814,7 +814,7 @@
     <slf4j.version>1.7.30</slf4j.version>
     <clover.version>4.0.3</clover.version>
     <jamon-runtime.version>2.4.1</jamon-runtime.version>
-    <jettison.version>1.3.8</jettison.version>
+    <jettison.version>1.5.1</jettison.version>
     <!--Make sure these joni/jcodings are compatible with the versions used by 
jruby-->
     <joni.version>2.1.42</joni.version>
     <jcodings.version>1.0.56</jcodings.version>

[hbase] branch master updated: HBASE-27424 Upgrade Jettison for CVE-2022-40149/40150 (#4822)

Reply via email to