This is an automated email from the ASF dual-hosted git repository.

lvshaokang pushed a commit to branch dev
in repository https://gitbox.apache.org/repos/asf/incubator-streampark.git


The following commit(s) were added to refs/heads/dev by this push:
     new 09f13cbe0 [Fix][sec] Bump snakeyaml to 1.32 for CVE-2022-38752 (#1805)
09f13cbe0 is described below

commit 09f13cbe012aa1fb4c19e384f22d35868233f0f9
Author: benjobs <[email protected]>
AuthorDate: Tue Oct 11 18:28:37 2022 +0800

    [Fix][sec] Bump snakeyaml to 1.32 for CVE-2022-38752 (#1805)
---
 dist-material/release-docs/LICENSE                   | 11 +++++------
 pom.xml                                              |  2 +-
 streampark-flink/streampark-flink-kubernetes/pom.xml |  2 +-
 3 files changed, 7 insertions(+), 8 deletions(-)

diff --git a/dist-material/release-docs/LICENSE 
b/dist-material/release-docs/LICENSE
index b07dc39d1..866bb280e 100644
--- a/dist-material/release-docs/LICENSE
+++ b/dist-material/release-docs/LICENSE
@@ -190,10 +190,10 @@ licenses.
 The following components are provided under the  License. See project link for 
details.
 The text of each license is also included in licenses/LICENSE-[project].txt.
 
-    https://mvnrepository.com/artifact/com.aliyun.oss/aliyun-sdk-oss/3.15.0 
-    https://mvnrepository.com/artifact/com.aliyun/aliyun-java-sdk-core/4.5.10 
-    https://mvnrepository.com/artifact/com.aliyun/aliyun-java-sdk-kms/2.11.0 
-    https://mvnrepository.com/artifact/com.aliyun/aliyun-java-sdk-ram/3.1.0 
+    https://mvnrepository.com/artifact/com.aliyun.oss/aliyun-sdk-oss/3.15.0
+    https://mvnrepository.com/artifact/com.aliyun/aliyun-java-sdk-core/4.5.10
+    https://mvnrepository.com/artifact/com.aliyun/aliyun-java-sdk-kms/2.11.0
+    https://mvnrepository.com/artifact/com.aliyun/aliyun-java-sdk-ram/3.1.0
 
 ========================================================================
 Apache-2.0 licenses
@@ -610,8 +610,7 @@ The text of each license is the standard Apache 2.0 license.
     https://mvnrepository.com/artifact/org.xerial.snappy/snappy-java/1.1.7.3 
Apache-2.0
     https://mvnrepository.com/artifact/org.xerial.snappy/snappy-java/1.0.5 
Apache-2.0
     https://mvnrepository.com/artifact/org.xerial.snappy/snappy-java/1.1.8.4 
Apache-2.0
-    https://mvnrepository.com/artifact/org.yaml/snakeyaml/1.31 Apache-2.0
-    https://mvnrepository.com/artifact/org.yaml/snakeyaml/1.29 Apache-2.0
+    https://mvnrepository.com/artifact/org.yaml/snakeyaml/1.32 Apache-2.0
     https://mvnrepository.com/artifact/p6spy/p6spy/3.9.1 Apache-2.0
     
https://mvnrepository.com/artifact/ru.yandex.clickhouse/clickhouse-jdbc/0.3.2 
Apache-2.0
     https://mvnrepository.com/artifact/stax/stax-api/1.0.1 Apache-2.0
diff --git a/pom.xml b/pom.xml
index c46fabbd5..c2ddc1981 100644
--- a/pom.xml
+++ b/pom.xml
@@ -113,7 +113,7 @@
         <caffeine.version>2.8.6</caffeine.version>
         <mysql.version>8.0.16</mysql.version>
         <hikariCP.version>3.4.5</hikariCP.version>
-        <snakeyaml.version>1.31</snakeyaml.version>
+        <snakeyaml.version>1.32</snakeyaml.version>
         <json4s-jackson.version>3.7.0-M2</json4s-jackson.version>
         <hbase-client.version>1.3.5</hbase-client.version>
         <commons-cli.version>1.3.1</commons-cli.version>
diff --git a/streampark-flink/streampark-flink-kubernetes/pom.xml 
b/streampark-flink/streampark-flink-kubernetes/pom.xml
index 019fe35c4..e7bc68a97 100644
--- a/streampark-flink/streampark-flink-kubernetes/pom.xml
+++ b/streampark-flink/streampark-flink-kubernetes/pom.xml
@@ -31,7 +31,7 @@
 
     <properties>
         <apache.httpclient5.version>5.1</apache.httpclient5.version>
-        <snakeyaml.version>1.29</snakeyaml.version>
+        <snakeyaml.version>1.32</snakeyaml.version>
         <scalatest.skiptests>true</scalatest.skiptests>
     </properties>
 

Reply via email to