[hbase] branch branch-2 updated: HBASE-27424 Upgrade Jettison for CVE-2022-40149/40150 (#4822)

apurtell Tue, 11 Oct 2022 10:13:19 -0700

This is an automated email from the ASF dual-hosted git repository.

apurtell pushed a commit to branch branch-2
in repository https://gitbox.apache.org/repos/asf/hbase.git



The following commit(s) were added to refs/heads/branch-2 by this push:
     new f93bd14bd23 HBASE-27424 Upgrade Jettison for CVE-2022-40149/40150 
(#4822)
f93bd14bd23 is described below

commit f93bd14bd239ce25d76abe399c54e29682544261
Author: Andrew Purtell <[email protected]>
AuthorDate: Tue Oct 11 10:11:12 2022 -0700

    HBASE-27424 Upgrade Jettison for CVE-2022-40149/40150 (#4822)
    
    Jettison versions <= 1.5.0 are subject to CVE-2022-40149 and CVE-2022-40150.
    
    Move jettison.version to 1.5.1.
    
    Signed-off-by: Duo Zhang <[email protected]>
---
 pom.xml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/pom.xml b/pom.xml
index bf0610f615b..c9273b22b56 100644
--- a/pom.xml
+++ b/pom.xml
@@ -593,7 +593,7 @@
     <slf4j.version>1.7.33</slf4j.version>
     <clover.version>4.0.3</clover.version>
     <jamon-runtime.version>2.4.1</jamon-runtime.version>
-    <jettison.version>1.3.8</jettison.version>
+    <jettison.version>1.5.1</jettison.version>
     <!--Make sure these joni/jcodings are compatible with the versions used by 
jruby-->
     <joni.version>2.1.42</joni.version>
     <jcodings.version>1.0.56</jcodings.version>

[hbase] branch branch-2 updated: HBASE-27424 Upgrade Jettison for CVE-2022-40149/40150 (#4822)

Reply via email to