This is an automated email from the ASF dual-hosted git repository.
bharathkk pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/samza.git
The following commit(s) were added to refs/heads/master by this push:
new 1e8745d67 SAMZA-2758: Upgrade vulnerable versions jetty and jackson
(#1630)
1e8745d67 is described below
commit 1e8745d6780b13afc7b7efd7edd614aa4ef1147a
Author: Stuart <[email protected]>
AuthorDate: Mon Sep 19 18:08:58 2022 +0100
SAMZA-2758: Upgrade vulnerable versions jetty and jackson (#1630)
Issues: Upgrade dependencies for security fixes and enhancements for jetty
and jackson
In current dependencies there are security vulnerabilities
Jackson:
https://security.snyk.io/package/maven/com.fasterxml.jackson.core:jackson-databind/2.12.2
Jetty:
https://security.snyk.io/package/maven/org.eclipse.jetty:jetty-server/9.4.38.v20210224
Upgrade Jackson to version: 2.13.3
Upgrade Jetty to 9.4.48.v20220622
---
gradle/dependency-versions.gradle | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/gradle/dependency-versions.gradle
b/gradle/dependency-versions.gradle
index 79f30f83a..4e848de43 100644
--- a/gradle/dependency-versions.gradle
+++ b/gradle/dependency-versions.gradle
@@ -30,9 +30,9 @@
guavaVersion = "30.1-jre"
hamcrestVersion = "1.3"
httpClientVersion = "4.4.1"
- jacksonVersion = "2.12.2"
+ jacksonVersion = "2.13.3"
jerseyVersion = "2.22.1"
- jettyVersion = "9.4.38.v20210224"
+ jettyVersion = "9.4.48.v20220622"
jodaTimeVersion = "2.10.10"
joptSimpleVersion = "5.0.4"
junitVersion = "4.12"
