This is an automated email from the ASF dual-hosted git repository.
mthomsen pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/nifi.git
The following commit(s) were added to refs/heads/main by this push:
new acb25c1 NIFI-9170 Upgrade commons-beanutils to 1.9.4 to mitigate
CVE-2019-10086 NIFI-9170 Add two more 1.9.4 references to close out the few
things identified by the Maven dependency plugin.
acb25c1 is described below
commit acb25c1130a4a329141dc09750d6a79d2f5a3315
Author: Mohammed Nadeem <[email protected]>
AuthorDate: Fri Aug 27 13:33:20 2021 +0530
NIFI-9170 Upgrade commons-beanutils to 1.9.4 to mitigate CVE-2019-10086
NIFI-9170 Add two more 1.9.4 references to close out the few things
identified by the Maven dependency plugin.
This closes #5351
Signed-off-by: Mike Thomsen <[email protected]>
---
nifi-external/nifi-spark-receiver/pom.xml | 6 ++++++
nifi-nar-bundles/nifi-accumulo-bundle/pom.xml | 6 ++++++
.../nifi-framework/nifi-web/nifi-web-optimistic-locking/pom.xml | 4 ++++
.../nifi-framework-bundle/nifi-framework/nifi-web/pom.xml | 6 ++++++
nifi-nar-bundles/nifi-hive-bundle/pom.xml | 6 ++++++
nifi-nar-bundles/nifi-kite-bundle/pom.xml | 6 ++++++
nifi-nar-bundles/nifi-parquet-bundle/pom.xml | 6 ++++++
nifi-nar-bundles/nifi-ranger-bundle/pom.xml | 6 ++++++
.../nifi-hbase_1_1_2-client-service-bundle/pom.xml | 6 ++++++
.../nifi-hbase_2-client-service-bundle/pom.xml | 6 ++++++
nifi-toolkit/nifi-toolkit-admin/pom.xml | 5 +++++
11 files changed, 63 insertions(+)
diff --git a/nifi-external/nifi-spark-receiver/pom.xml
b/nifi-external/nifi-spark-receiver/pom.xml
index dd82b8d..25f2c79 100644
--- a/nifi-external/nifi-spark-receiver/pom.xml
+++ b/nifi-external/nifi-spark-receiver/pom.xml
@@ -36,6 +36,12 @@
<artifactId>commons-compress</artifactId>
<version>1.21</version>
</dependency>
+ <!-- Override commons-beanutils -->
+ <dependency>
+ <groupId>commons-beanutils</groupId>
+ <artifactId>commons-beanutils</artifactId>
+ <version>1.9.4</version>
+ </dependency>
</dependencies>
</dependencyManagement>
<dependencies>
diff --git a/nifi-nar-bundles/nifi-accumulo-bundle/pom.xml
b/nifi-nar-bundles/nifi-accumulo-bundle/pom.xml
index f4d3271..b32d007 100644
--- a/nifi-nar-bundles/nifi-accumulo-bundle/pom.xml
+++ b/nifi-nar-bundles/nifi-accumulo-bundle/pom.xml
@@ -48,6 +48,12 @@
<artifactId>commons-io</artifactId>
<version>2.10.0</version>
</dependency>
+ <!-- Override commons-beanutils -->
+ <dependency>
+ <groupId>commons-beanutils</groupId>
+ <artifactId>commons-beanutils</artifactId>
+ <version>1.9.4</version>
+ </dependency>
</dependencies>
</dependencyManagement>
</project>
diff --git
a/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-web/nifi-web-optimistic-locking/pom.xml
b/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-web/nifi-web-optimistic-locking/pom.xml
index e08bf5e..ead30bf 100644
---
a/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-web/nifi-web-optimistic-locking/pom.xml
+++
b/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-web/nifi-web-optimistic-locking/pom.xml
@@ -39,5 +39,9 @@
<groupId>org.apache.nifi</groupId>
<artifactId>nifi-web-security</artifactId>
</dependency>
+ <dependency>
+ <groupId>commons-beanutils</groupId>
+ <artifactId>commons-beanutils</artifactId>
+ </dependency>
</dependencies>
</project>
diff --git
a/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-web/pom.xml
b/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-web/pom.xml
index 99fbb81..ca18417 100644
--- a/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-web/pom.xml
+++ b/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-web/pom.xml
@@ -66,6 +66,12 @@
<type>war</type>
<version>1.15.0-SNAPSHOT</version>
</dependency>
+ <!-- Override commons-beanutils -->
+ <dependency>
+ <groupId>commons-beanutils</groupId>
+ <artifactId>commons-beanutils</artifactId>
+ <version>1.9.4</version>
+ </dependency>
</dependencies>
</dependencyManagement>
</project>
diff --git a/nifi-nar-bundles/nifi-hive-bundle/pom.xml
b/nifi-nar-bundles/nifi-hive-bundle/pom.xml
index c87ffe1..94124ef 100644
--- a/nifi-nar-bundles/nifi-hive-bundle/pom.xml
+++ b/nifi-nar-bundles/nifi-hive-bundle/pom.xml
@@ -85,6 +85,12 @@
<artifactId>commons-compress</artifactId>
<version>1.21</version>
</dependency>
+ <!-- Override commons-beanutils -->
+ <dependency>
+ <groupId>commons-beanutils</groupId>
+ <artifactId>commons-beanutils</artifactId>
+ <version>1.9.4</version>
+ </dependency>
</dependencies>
</dependencyManagement>
diff --git a/nifi-nar-bundles/nifi-kite-bundle/pom.xml
b/nifi-nar-bundles/nifi-kite-bundle/pom.xml
index eb97c2e..1997d1f 100644
--- a/nifi-nar-bundles/nifi-kite-bundle/pom.xml
+++ b/nifi-nar-bundles/nifi-kite-bundle/pom.xml
@@ -56,6 +56,12 @@
<artifactId>commons-compress</artifactId>
<version>1.21</version>
</dependency>
+ <!-- Override commons-beanutils -->
+ <dependency>
+ <groupId>commons-beanutils</groupId>
+ <artifactId>commons-beanutils</artifactId>
+ <version>1.9.4</version>
+ </dependency>
<!-- Override jackson 2.3.1 from kite -->
<dependency>
<groupId>com.fasterxml.jackson.core</groupId>
diff --git a/nifi-nar-bundles/nifi-parquet-bundle/pom.xml
b/nifi-nar-bundles/nifi-parquet-bundle/pom.xml
index 99b53aa..82c2026 100644
--- a/nifi-nar-bundles/nifi-parquet-bundle/pom.xml
+++ b/nifi-nar-bundles/nifi-parquet-bundle/pom.xml
@@ -51,6 +51,12 @@
<artifactId>commons-compress</artifactId>
<version>1.21</version>
</dependency>
+ <!-- Override commons-beanutils -->
+ <dependency>
+ <groupId>commons-beanutils</groupId>
+ <artifactId>commons-beanutils</artifactId>
+ <version>1.9.4</version>
+ </dependency>
</dependencies>
</dependencyManagement>
</project>
diff --git a/nifi-nar-bundles/nifi-ranger-bundle/pom.xml
b/nifi-nar-bundles/nifi-ranger-bundle/pom.xml
index 48b08c7..3b98cdf 100644
--- a/nifi-nar-bundles/nifi-ranger-bundle/pom.xml
+++ b/nifi-nar-bundles/nifi-ranger-bundle/pom.xml
@@ -53,6 +53,12 @@
<artifactId>commons-compress</artifactId>
<version>1.21</version>
</dependency>
+ <!-- Override commons-beanutils -->
+ <dependency>
+ <groupId>commons-beanutils</groupId>
+ <artifactId>commons-beanutils</artifactId>
+ <version>1.9.4</version>
+ </dependency>
<!-- Override jackson-databind 2.9.10.4 from ranger -->
<dependency>
<groupId>com.fasterxml.jackson.core</groupId>
diff --git
a/nifi-nar-bundles/nifi-standard-services/nifi-hbase_1_1_2-client-service-bundle/pom.xml
b/nifi-nar-bundles/nifi-standard-services/nifi-hbase_1_1_2-client-service-bundle/pom.xml
index b61f4df..f5ddf96 100644
---
a/nifi-nar-bundles/nifi-standard-services/nifi-hbase_1_1_2-client-service-bundle/pom.xml
+++
b/nifi-nar-bundles/nifi-standard-services/nifi-hbase_1_1_2-client-service-bundle/pom.xml
@@ -100,6 +100,12 @@
<artifactId>commons-compress</artifactId>
<version>1.21</version>
</dependency>
+ <!-- Override commons-beanutils -->
+ <dependency>
+ <groupId>commons-beanutils</groupId>
+ <artifactId>commons-beanutils</artifactId>
+ <version>1.9.4</version>
+ </dependency>
</dependencies>
</dependencyManagement>
</project>
diff --git
a/nifi-nar-bundles/nifi-standard-services/nifi-hbase_2-client-service-bundle/pom.xml
b/nifi-nar-bundles/nifi-standard-services/nifi-hbase_2-client-service-bundle/pom.xml
index 96eadf7..b6eabb3 100644
---
a/nifi-nar-bundles/nifi-standard-services/nifi-hbase_2-client-service-bundle/pom.xml
+++
b/nifi-nar-bundles/nifi-standard-services/nifi-hbase_2-client-service-bundle/pom.xml
@@ -70,6 +70,12 @@
<artifactId>commons-compress</artifactId>
<version>1.21</version>
</dependency>
+ <!-- Override commons-beanutils -->
+ <dependency>
+ <groupId>commons-beanutils</groupId>
+ <artifactId>commons-beanutils</artifactId>
+ <version>1.9.4</version>
+ </dependency>
</dependencies>
</dependencyManagement>
</project>
diff --git a/nifi-toolkit/nifi-toolkit-admin/pom.xml
b/nifi-toolkit/nifi-toolkit-admin/pom.xml
index cbdff4d..5f35b32 100644
--- a/nifi-toolkit/nifi-toolkit-admin/pom.xml
+++ b/nifi-toolkit/nifi-toolkit-admin/pom.xml
@@ -22,6 +22,11 @@ language governing permissions and limitations under the
License. -->
<dependencies>
<dependency>
+ <groupId>commons-beanutils</groupId>
+ <artifactId>commons-beanutils</artifactId>
+ <version>1.9.4</version>
+ </dependency>
+ <dependency>
<groupId>commons-cli</groupId>
<artifactId>commons-cli</artifactId>
<version>1.4</version>
