[hive] branch master updated: HIVE-26753: Upgrade Apache Ivy to 2.5.1 due to CVE-2022-37865, CVE-2022-37866 (#3776)

Tue, 29 Nov 2022 12:40:07 -0800 

This is an automated email from the ASF dual-hosted git repository.

ngangam pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/hive.git


The following commit(s) were added to refs/heads/master by this push:
     new 7207a62def2 HIVE-26753: Upgrade Apache Ivy to 2.5.1 due to 
CVE-2022-37865, CVE-2022-37866 (#3776)
7207a62def2 is described below

commit 7207a62def246b3290f1ece529e65b79012a3578
Author: Devaspati <[email protected]>
AuthorDate: Wed Nov 30 02:09:48 2022 +0530

    HIVE-26753: Upgrade Apache Ivy to 2.5.1 due to CVE-2022-37865, 
CVE-2022-37866 (#3776)
---
 hcatalog/hcatalog-pig-adapter/pom.xml | 4 ++++
 hcatalog/pom.xml                      | 4 ++++
 pom.xml                               | 2 +-
 3 files changed, 9 insertions(+), 1 deletion(-)

diff --git a/hcatalog/hcatalog-pig-adapter/pom.xml 
b/hcatalog/hcatalog-pig-adapter/pom.xml
index b12ead55d25..afa3be4d83d 100644
--- a/hcatalog/hcatalog-pig-adapter/pom.xml
+++ b/hcatalog/hcatalog-pig-adapter/pom.xml
@@ -93,6 +93,10 @@
           <groupId>tomcat</groupId>
           <artifactId>jasper-runtime</artifactId>
         </exclusion>
+        <exclusion>
+          <groupId>org.apache.ivy</groupId>
+          <artifactId>ivy</artifactId>
+        </exclusion>
         <exclusion>
           <groupId>tomcat</groupId>
           <artifactId>jasper-compiler</artifactId>
diff --git a/hcatalog/pom.xml b/hcatalog/pom.xml
index 78a3d9b0a7f..8216868d564 100644
--- a/hcatalog/pom.xml
+++ b/hcatalog/pom.xml
@@ -94,6 +94,10 @@
           <groupId>org.codehaus.groovy</groupId>
           <artifactId>groovy-all</artifactId>
         </exclusion>
+        <exclusion>
+          <groupId>org.apache.ivy</groupId>
+          <artifactId>ivy</artifactId>
+        </exclusion>
         <exclusion>
           <groupId>tomcat</groupId>
           <artifactId>jasper-compiler</artifactId>
diff --git a/pom.xml b/pom.xml
index 32d8d553db1..5953917f4dc 100644
--- a/pom.xml
+++ b/pom.xml
@@ -145,7 +145,7 @@
     <!-- httpcomponents are not always in version sync -->
     <httpcomponents.client.version>4.5.13</httpcomponents.client.version>
     <httpcomponents.core.version>4.4.13</httpcomponents.core.version>
-    <ivy.version>2.4.0</ivy.version>
+    <ivy.version>2.5.1</ivy.version>
     <jackson.version>2.12.7</jackson.version>
     <jamon.plugin.version>2.3.4</jamon.plugin.version>
     <jamon-runtime.version>2.3.1</jamon-runtime.version>

Reply via email to