[pulsar] branch master updated: Upgrade commons-collections for Security Vulnerabilities[CVE-2015-7501] (#2886)

Mon, 29 Oct 2018 23:27:01 -0700 

This is an automated email from the ASF dual-hosted git repository.

mmerli pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/pulsar.git


The following commit(s) were added to refs/heads/master by this push:
     new c7e2197  Upgrade commons-collections for Security 
Vulnerabilities[CVE-2015-7501] (#2886)
c7e2197 is described below

commit c7e2197a7452729600a76204f1b2b00dabfd5c4b
Author: Rajan Dhabalia <[email protected]>
AuthorDate: Mon Oct 29 23:26:03 2018 -0700

    Upgrade commons-collections for Security Vulnerabilities[CVE-2015-7501] 
(#2886)
    
    * Upgrade commons-collections for Security Vulnerabilities[CVE-2015-7501]
    
    * fix license
    
    * fix license
---
 distribution/server/src/assemble/LICENSE.bin.txt | 2 +-
 pom.xml                                          | 7 +++++++
 pulsar-sql/presto-distribution/LICENSE           | 2 +-
 3 files changed, 9 insertions(+), 2 deletions(-)

diff --git a/distribution/server/src/assemble/LICENSE.bin.txt 
b/distribution/server/src/assemble/LICENSE.bin.txt
index 1a3774c..fcaf1ed 100644
--- a/distribution/server/src/assemble/LICENSE.bin.txt
+++ b/distribution/server/src/assemble/LICENSE.bin.txt
@@ -339,7 +339,7 @@ The Apache Software License, Version 2.0
     - commons-beanutils-commons-beanutils-core-1.8.0.jar
     - commons-cli-commons-cli-1.2.jar
     - commons-codec-commons-codec-1.10.jar
-    - commons-collections-commons-collections-3.2.1.jar
+    - commons-collections-commons-collections-3.2.2.jar
     - commons-configuration-commons-configuration-1.6.jar
     - commons-digester-commons-digester-1.8.jar
     - commons-io-commons-io-2.5.jar
diff --git a/pom.xml b/pom.xml
index ef870ab..fb8a3bd 100644
--- a/pom.xml
+++ b/pom.xml
@@ -152,6 +152,7 @@ flexible messaging model and an intuitive client 
API.</description>
     <aspectj.version>1.9.1</aspectj.version>
     <rocksdb.version>5.13.3</rocksdb.version>
     <slf4j.version>1.7.25</slf4j.version>
+    <commons.collections.version>3.2.2</commons.collections.version>
     <log4j2.version>2.10.0</log4j2.version>
     <bouncycastle.version>1.55</bouncycastle.version>
     <jackson.version>2.8.4</jackson.version>
@@ -813,6 +814,12 @@ flexible messaging model and an intuitive client 
API.</description>
           </exclusion>
         </exclusions>
       </dependency>
+      
+      <dependency>
+        <groupId>commons-collections</groupId>
+        <artifactId>commons-collections</artifactId>
+        <version>${commons.collections.version}</version>
+      </dependency>
 
       <dependency>
         <groupId>org.apache.jclouds</groupId>
diff --git a/pulsar-sql/presto-distribution/LICENSE 
b/pulsar-sql/presto-distribution/LICENSE
index 92ddc60..9e5e9fe 100644
--- a/pulsar-sql/presto-distribution/LICENSE
+++ b/pulsar-sql/presto-distribution/LICENSE
@@ -243,7 +243,7 @@ The Apache Software License, Version 2.0
     - commons-compress-1.15.jar
     - commons-lang3-3.3.2.jar
     - commons-lang3-3.4.jar
-    - commons-collections-3.2.1.jar
+    - commons-collections-3.2.2.jar
     - commons-configuration-1.6.jar
     - commons-digester-1.8.jar
     - commons-lang-2.4.jar

Reply via email to