This is an automated email from the ASF dual-hosted git repository.
saniljain15 pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/samza.git
The following commit(s) were added to refs/heads/master by this push:
new 09863bf SAMZA-2630: Upgrade dependencies for security fixes (#1471)
09863bf is described below
commit 09863bf3ed6a0f892081f462a8a89f34a4a43dc2
Author: Sarah Telesia <[email protected]>
AuthorDate: Wed Mar 17 20:55:54 2021 +0000
SAMZA-2630: Upgrade dependencies for security fixes (#1471)
Upgrade dependencies for security fixes and enhancements
Guava. CVE-2018-10237, CVE-2020-8909
Commons Collections 4: CVE-2015-6420
Jetty: CVE-2020-27216, CVE-2020-27218
---
gradle/dependency-versions.gradle | 15 +++++++--------
1 file changed, 7 insertions(+), 8 deletions(-)
diff --git a/gradle/dependency-versions.gradle
b/gradle/dependency-versions.gradle
index 434c06b..e289af0 100644
--- a/gradle/dependency-versions.gradle
+++ b/gradle/dependency-versions.gradle
@@ -17,25 +17,24 @@
* under the License.
*/
ext {
- apacheCommonsCollections4Version = "4.0"
+ apacheCommonsCollections4Version = "4.4"
avroVersion = "1.7.7"
calciteVersion = "1.22.0"
commonsCliVersion = "1.2"
commonsCodecVersion = "1.9"
- commonsCollectionVersion = "3.2.1"
commonsHttpClientVersion = "3.1"
- commonsIoVersion = "2.6"
- commonsLang3Version = "3.4"
+ commonsIoVersion = "2.8.0"
+ commonsLang3Version = "3.11"
cytodynamicsVersion = "0.2.0"
elasticsearchVersion = "2.2.0"
- gsonVersion = "2.8.5"
- guavaVersion = "23.0"
+ gsonVersion = "2.8.6"
+ guavaVersion = "30.1-jre"
hamcrestVersion = "1.3"
httpClientVersion = "4.4.1"
jacksonVersion = "2.12.2"
jerseyVersion = "2.22.1"
- jettyVersion = "9.4.20.v20190813"
- jodaTimeVersion = "2.2"
+ jettyVersion = "9.4.38.v20210224"
+ jodaTimeVersion = "2.10.10"
joptSimpleVersion = "5.0.4"
junitVersion = "4.12"
kafkaVersion = "2.3.1"
