(pulsar) branch branch-2.10 updated: cve: exclude ch.qos.logback in canal.protocol * resolve CVE-2023-6378

xiangying Mon, 11 Dec 2023 23:36:03 -0800

This is an automated email from the ASF dual-hosted git repository.

xiangying pushed a commit to branch branch-2.10
in repository https://gitbox.apache.org/repos/asf/pulsar.git



The following commit(s) were added to refs/heads/branch-2.10 by this push:
     new 2e86e0710c6 cve: exclude ch.qos.logback in canal.protocol * resolve 
CVE-2023-6378
2e86e0710c6 is described below

commit 2e86e0710c61f23bf63a7a1720ceca556c04c62b
Author: xiangying <[email protected]>
AuthorDate: Tue Dec 12 15:33:31 2023 +0800

    cve: exclude ch.qos.logback in canal.protocol
    * resolve CVE-2023-6378
---
 pulsar-io/canal/pom.xml | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/pulsar-io/canal/pom.xml b/pulsar-io/canal/pom.xml
index f764b1cb21b..e61e8a05677 100644
--- a/pulsar-io/canal/pom.xml
+++ b/pulsar-io/canal/pom.xml
@@ -88,6 +88,12 @@
             <groupId>com.alibaba.otter</groupId>
             <artifactId>canal.protocol</artifactId>
             <version>${canal.version}</version>
+            <exclusions>
+                <exclusion>
+                    <groupId>ch.qos.logback</groupId>
+                    <artifactId>*</artifactId>
+                </exclusion>
+            </exclusions>
         </dependency>
         <dependency>
             <groupId>com.alibaba.otter</groupId>

(pulsar) branch branch-2.10 updated: cve: exclude ch.qos.logback in canal.protocol * resolve CVE-2023-6378

Reply via email to