[inlong] branch master updated: [INLONG-9046][CVE] Bump snappy-java to 1.1.10.4 (#9047)

Sun, 15 Oct 2023 20:36:17 -0700 

This is an automated email from the ASF dual-hosted git repository.

dockerzhang pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/inlong.git


The following commit(s) were added to refs/heads/master by this push:
     new a2efe43443 [INLONG-9046][CVE] Bump snappy-java to 1.1.10.4 (#9047)
a2efe43443 is described below

commit a2efe43443c33d862d3a800022f0aca9b59a37ac
Author: Charles Zhang <[email protected]>
AuthorDate: Mon Oct 16 11:35:46 2023 +0800

    [INLONG-9046][CVE] Bump snappy-java to 1.1.10.4 (#9047)
---
 licenses/inlong-agent/LICENSE           | 2 +-
 licenses/inlong-audit/LICENSE           | 2 +-
 licenses/inlong-dataproxy/LICENSE       | 2 +-
 licenses/inlong-manager/LICENSE         | 2 +-
 licenses/inlong-sort-connectors/LICENSE | 2 +-
 licenses/inlong-sort-standalone/LICENSE | 2 +-
 licenses/inlong-sort/LICENSE            | 2 +-
 pom.xml                                 | 2 +-
 8 files changed, 8 insertions(+), 8 deletions(-)

diff --git a/licenses/inlong-agent/LICENSE b/licenses/inlong-agent/LICENSE
index 39e92d460c..82252325ff 100644
--- a/licenses/inlong-agent/LICENSE
+++ b/licenses/inlong-agent/LICENSE
@@ -438,7 +438,7 @@ The text of each license is the standard Apache 2.0 license.
   io.prometheus:simpleclient_tracer_common:0.14.1 - Prometheus Java Span 
Context Supplier - Common 
(https://github.com/prometheus/client_java/tree/parent-0.14.1), (The Apache 
Software License, Version 2.0)
   io.prometheus:simpleclient_tracer_otel:0.14.1 - Prometheus Java Span Context 
Supplier - OpenTelemetry 
(https://github.com/prometheus/client_java/tree/parent-0.14.1), (The Apache 
Software License, Version 2.0)
   io.prometheus:simpleclient_tracer_otel_agent:0.14.1 - Prometheus Java Span 
Context Supplier - OpenTelemetry Agent 
(https://github.com/prometheus/client_java/tree/parent-0.14.1), (The Apache 
Software License, Version 2.0)
-  org.xerial.snappy:snappy-java:1.1.10.1 - snappy-java 
(https://github.com/xerial/snappy-java), (Apache-2.0)
+  org.xerial.snappy:snappy-java:1.1.10.4 - snappy-java 
(https://github.com/xerial/snappy-java), (Apache-2.0)
   javax.validation:validation-api:1.1.0.Final - Bean Validation API 
(https://github.com/eclipse-ee4j/beanvalidation-api/tree/1.1.0.Final), (The 
Apache Software License, Version 2.0)
   org.apache.velocity:velocity-engine-core:2.3 - Apache Velocity - Engine 
(https://github.com/apache/velocity-engine/tree/2.3/velocity-engine-core), 
(Apache License, Version 2.0)
   org.apache.zookeeper:zookeeper:3.6.3 - Apache ZooKeeper - Server 
(https://github.com/apache/zookeeper/tree/release-3.6.3/zookeeper-server), 
(Apache License, Version 2.0)
diff --git a/licenses/inlong-audit/LICENSE b/licenses/inlong-audit/LICENSE
index 406f9c79d7..753659b745 100644
--- a/licenses/inlong-audit/LICENSE
+++ b/licenses/inlong-audit/LICENSE
@@ -521,7 +521,7 @@ The text of each license is also included at 
licenses/LICENSE-[project].txt.
   org.projectlombok:lombok:1.18.22 - Project Lombok 
(https://projectlombok.org), (The MIT License)
   org.slf4j:slf4j-api:1.7.36 - SLF4J API Module (http://www.slf4j.org), (MIT 
License)
   org.yaml:snakeyaml:1.29 - SnakeYAML 
(https://bitbucket.org/snakeyaml/snakeyaml/src/snakeyaml-1.29/), (Apache 
License, Version 2.0)
-  org.xerial.snappy:snappy-java:1.1.10.1 - snappy-java 
(https://github.com/xerial/snappy-java), (Apache-2.0)
+  org.xerial.snappy:snappy-java:1.1.10.4 - snappy-java 
(https://github.com/xerial/snappy-java), (Apache-2.0)
 
 
 ========================================================================
diff --git a/licenses/inlong-dataproxy/LICENSE 
b/licenses/inlong-dataproxy/LICENSE
index 2bf26de6e8..3abae1132e 100644
--- a/licenses/inlong-dataproxy/LICENSE
+++ b/licenses/inlong-dataproxy/LICENSE
@@ -409,7 +409,7 @@ The text of each license is the standard Apache 2.0 license.
   io.prometheus:simpleclient_tracer_common:0.14.1 - Prometheus Java Span 
Context Supplier - Common (https://github.com/prometheus/client_java), (The 
Apache Software License, Version 2.0)
   io.prometheus:simpleclient_tracer_otel:0.14.1 - Prometheus Java Span Context 
Supplier - OpenTelemetry (https://github.com/prometheus/client_java), (The 
Apache Software License, Version 2.0)
   io.prometheus:simpleclient_tracer_otel_agent:0.14.1 - Prometheus Java Span 
Context Supplier - OpenTelemetry Agent 
(https://github.com/prometheus/client_java), (The Apache Software License, 
Version 2.0)
-  org.xerial.snappy:snappy-java:1.1.10.1 - snappy-java 
(https://github.com/xerial/snappy-java), (Apache-2.0)
+  org.xerial.snappy:snappy-java:1.1.10.4 - snappy-java 
(https://github.com/xerial/snappy-java), (Apache-2.0)
   javax.validation:validation-api:1.1.0.Final - Bean Validation API 
(http://beanvalidation.org), (The Apache Software License, Version 2.0)
   org.apache.velocity:velocity-engine-core:2.3 - Apache Velocity - Engine 
(https://github.com/apache/velocity-engine/tree/2.3/velocity-engine-core), 
(Apache License, Version 2.0)
   org.apache.zookeeper:zookeeper:3.6.3 - Apache ZooKeeper - Server 
(https://github.com/apache/zookeeper/tree/release-3.6.3/zookeeper-server), 
(Apache License, Version 2.0)
diff --git a/licenses/inlong-manager/LICENSE b/licenses/inlong-manager/LICENSE
index 2643cf219a..8b062c7264 100644
--- a/licenses/inlong-manager/LICENSE
+++ b/licenses/inlong-manager/LICENSE
@@ -546,7 +546,7 @@ The text of each license is the standard Apache 2.0 license.
   io.prometheus:simpleclient_tracer_otel:0.14.1 - Prometheus Java Span Context 
Supplier - OpenTelemetry 
(https://github.com/prometheus/client_java/tree/parent-0.14.1), (The Apache 
Software License, Version 2.0)
   io.prometheus:simpleclient_tracer_otel_agent:0.14.1 - Prometheus Java Span 
Context Supplier - OpenTelemetry Agent 
(https://github.com/prometheus/client_java/tree/parent-0.14.1), (The Apache 
Software License, Version 2.0)
   org.yaml:snakeyaml:1.30 - SnakeYAML 
(https://bitbucket.org/snakeyaml/snakeyaml/src/snakeyaml-1.30/), (Apache 
License, Version 2.0)
-  org.xerial.snappy:snappy-java:1.1.10.1 - snappy-java 
(https://github.com/xerial/snappy-java), (Apache-2.0)
+  org.xerial.snappy:snappy-java:1.1.10.4 - snappy-java 
(https://github.com/xerial/snappy-java), (Apache-2.0)
   org.springframework.boot:spring-boot:2.6.15 - spring-boot 
(https://spring.io/projects/spring-boot), (Apache License, Version 2.0)
   org.springframework.boot:spring-boot-autoconfigure:2.6.15 - 
spring-boot-autoconfigure (https://spring.io/projects/spring-boot), (Apache 
License, Version 2.0)
   org.springframework.boot:spring-boot-configuration-processor:2.6.15 - 
spring-boot-configuration-processor (https://spring.io/projects/spring-boot), 
(Apache License, Version 2.0)
diff --git a/licenses/inlong-sort-connectors/LICENSE 
b/licenses/inlong-sort-connectors/LICENSE
index 56dad549cb..30ac8fcdf8 100644
--- a/licenses/inlong-sort-connectors/LICENSE
+++ b/licenses/inlong-sort-connectors/LICENSE
@@ -1026,7 +1026,7 @@ The text of each license is the standard Apache 2.0 
license.
   org.reflections:reflections:0.10.2 - Reflections 
(https://github.com/ronmamo/reflections/tree/0.10.2), (The Apache Software 
License, Version 2.0;  WTFPL)
   org.yaml:snakeyaml:1.17 - SnakeYAML 
(https://bitbucket.org/snakeyaml/snakeyaml/src/v1.17/), (Apache License, 
Version 2.0)
   org.yaml:snakeyaml:1.26 - SnakeYAML 
(https://bitbucket.org/snakeyaml/snakeyaml/src/v1.26/), (Apache License, 
Version 2.0)
-  org.xerial.snappy:snappy-java:1.1.10.1 - snappy-java 
(https://github.com/xerial/snappy-java), (Apache-2.0)
+  org.xerial.snappy:snappy-java:1.1.10.4 - snappy-java 
(https://github.com/xerial/snappy-java), (Apache-2.0)
   com.tdunning:t-digest:3.2 - T-Digest 
(https://github.com/tdunning/t-digest/tree/t-digest-3.2), (The Apache Software 
License, Version 2.0)
   javax.validation:validation-api:1.1.0.Final - Bean Validation API 
(http://beanvalidation.org), (The Apache Software License, Version 2.0)
   com.fasterxml.woodstox:woodstox-core:5.4.0 - Woodstox 
(https://github.com/FasterXML/woodstox/tree/woodstox-core-5.4.0), (The Apache 
License, Version 2.0)
diff --git a/licenses/inlong-sort-standalone/LICENSE 
b/licenses/inlong-sort-standalone/LICENSE
index 88698f382d..3cd5f5a2cc 100644
--- a/licenses/inlong-sort-standalone/LICENSE
+++ b/licenses/inlong-sort-standalone/LICENSE
@@ -483,7 +483,7 @@ The text of each license is the standard Apache 2.0 license.
   io.prometheus:simpleclient_tracer_otel:0.14.1 - Prometheus Java Span Context 
Supplier - OpenTelemetry 
(https://github.com/prometheus/client_java/tree/parent-0.14.1/simpleclient_tracer/simpleclient_tracer_otel),
 (The Apache Software License, Version 2.0)
   io.prometheus:simpleclient_tracer_otel_agent:0.14.1 - Prometheus Java Span 
Context Supplier - OpenTelemetry Agent 
(https://github.com/prometheus/client_java/tree/parent-0.14.1/simpleclient_tracer/simpleclient_tracer_otel_agent),
 (The Apache Software License, Version 2.0)
   org.yaml:snakeyaml:1.17 - SnakeYAML 
(https://bitbucket.org/snakeyaml/snakeyaml/src/v1.17/), (Apache License, 
Version 2.0)
-  org.xerial.snappy:snappy-java:1.1.10.1 - snappy-java 
(https://github.com/xerial/snappy-java), (The Apache Software License, Version 
2.0)
+  org.xerial.snappy:snappy-java:1.1.10.4 - snappy-java 
(https://github.com/xerial/snappy-java), (The Apache Software License, Version 
2.0)
   com.tdunning:t-digest:3.2 - T-Digest (https://github.com/tdunning/t-digest), 
(The Apache Software License, Version 2.0)
   com.tencentcloudapi.cls:tencentcloud-cls-sdk-java:1.0.9 - 
tencentcloud-cls-sdk-java 
(https://github.com/TencentCloud/tencentcloud-cls-sdk-java/tree/v1.0.9), 
(Apache License, Version 2.0)
   javax.validation:validation-api:1.1.0.Final - Bean Validation API 
(http://beanvalidation.org), (The Apache Software License, Version 2.0)
diff --git a/licenses/inlong-sort/LICENSE b/licenses/inlong-sort/LICENSE
index 8f798137e7..002b684267 100644
--- a/licenses/inlong-sort/LICENSE
+++ b/licenses/inlong-sort/LICENSE
@@ -399,7 +399,7 @@ The text of each license is the standard Apache 2.0 license.
   io.prometheus:simpleclient_tracer_common:0.14.1 - Prometheus Java Span 
Context Supplier - Common 
(https://github.com/prometheus/client_java/tree/parent-0.14.1/simpleclient_tracer/simpleclient_tracer_common),
 (The Apache Software License, Version 2.0)
   io.prometheus:simpleclient_tracer_otel:0.14.1 - Prometheus Java Span Context 
Supplier - OpenTelemetry 
(https://github.com/prometheus/client_java/tree/parent-0.14.1/simpleclient_tracer/simpleclient_tracer_otel),
 (The Apache Software License, Version 2.0)
   io.prometheus:simpleclient_tracer_otel_agent:0.14.1 - Prometheus Java Span 
Context Supplier - OpenTelemetry Agent 
(https://github.com/prometheus/client_java/tree/parent-0.14.1/simpleclient_tracer/simpleclient_tracer_otel_agent),
 (The Apache Software License, Version 2.0)
-  org.xerial.snappy:snappy-java:1.1.10.1 - snappy-java 
(https://github.com/xerial/snappy-java), (Apache-2.0)
+  org.xerial.snappy:snappy-java:1.1.10.4 - snappy-java 
(https://github.com/xerial/snappy-java), (Apache-2.0)
 
 
 ========================================================================
diff --git a/pom.xml b/pom.xml
index 3bfb8d06f3..30be5099c4 100644
--- a/pom.xml
+++ b/pom.xml
@@ -111,7 +111,7 @@
         <elasticsearch7.version>7.9.2</elasticsearch7.version>
         <shiro.version>1.10.1</shiro.version>
 
-        <snappy.version>1.1.10.1</snappy.version>
+        <snappy.version>1.1.10.4</snappy.version>
         <protobuf.version>3.19.6</protobuf.version>
         <bytebuddy.version>1.12.9</bytebuddy.version>
         <reflections.version>0.10.2</reflections.version>

Reply via email to