(pulsar) branch branch-3.0 updated: [fix][sec] Upgrade vertx to 4.5.10 to address CVE-2024-8391 (#23338)

Mon, 23 Sep 2024 06:51:59 -0700 

This is an automated email from the ASF dual-hosted git repository.

lhotari pushed a commit to branch branch-3.0
in repository https://gitbox.apache.org/repos/asf/pulsar.git


The following commit(s) were added to refs/heads/branch-3.0 by this push:
     new e8e9126bb1a [fix][sec] Upgrade vertx to 4.5.10 to address 
CVE-2024-8391 (#23338)
e8e9126bb1a is described below

commit e8e9126bb1ac4d2baf91bb73f4b4c12e81fe4497
Author: Lari Hotari <[email protected]>
AuthorDate: Mon Sep 23 16:37:33 2024 +0300

    [fix][sec] Upgrade vertx to 4.5.10 to address CVE-2024-8391 (#23338)
    
    (cherry picked from commit 501dfdeace9ef321acbdc5ce32d98eb3e56e083a)
---
 distribution/server/src/assemble/LICENSE.bin.txt | 10 +++++-----
 pom.xml                                          |  2 +-
 2 files changed, 6 insertions(+), 6 deletions(-)

diff --git a/distribution/server/src/assemble/LICENSE.bin.txt 
b/distribution/server/src/assemble/LICENSE.bin.txt
index a9fccb4d90a..3f63975b1a8 100644
--- a/distribution/server/src/assemble/LICENSE.bin.txt
+++ b/distribution/server/src/assemble/LICENSE.bin.txt
@@ -476,11 +476,11 @@ The Apache Software License, Version 2.0
   * JCTools - Java Concurrency Tools for the JVM
     - org.jctools-jctools-core-2.1.2.jar
   * Vertx
-    - io.vertx-vertx-auth-common-4.5.8.jar
-    - io.vertx-vertx-bridge-common-4.5.8.jar
-    - io.vertx-vertx-core-4.5.8.jar
-    - io.vertx-vertx-web-4.5.8.jar
-    - io.vertx-vertx-web-common-4.5.8.jar
+    - io.vertx-vertx-auth-common-4.5.10.jar
+    - io.vertx-vertx-bridge-common-4.5.10.jar
+    - io.vertx-vertx-core-4.5.10.jar
+    - io.vertx-vertx-web-4.5.10.jar
+    - io.vertx-vertx-web-common-4.5.10.jar
   * Apache ZooKeeper
     - org.apache.zookeeper-zookeeper-3.9.2.jar
     - org.apache.zookeeper-zookeeper-jute-3.9.2.jar
diff --git a/pom.xml b/pom.xml
index 352902d1f58..7ef0a0eace0 100644
--- a/pom.xml
+++ b/pom.xml
@@ -150,7 +150,7 @@ flexible messaging model and an intuitive client 
API.</description>
     <jersey.version>2.42</jersey.version>
     <athenz.version>1.10.50</athenz.version>
     <prometheus.version>0.16.0</prometheus.version>
-    <vertx.version>4.5.8</vertx.version>
+    <vertx.version>4.5.10</vertx.version>
     <rocksdb.version>7.9.2</rocksdb.version>
     <slf4j.version>1.7.32</slf4j.version>
     <commons.collections4.version>4.4</commons.collections4.version>

Reply via email to