This is an automated email from the ASF dual-hosted git repository.
stevel pushed a commit to branch trunk
in repository https://gitbox.apache.org/repos/asf/hadoop-thirdparty.git
The following commit(s) were added to refs/heads/trunk by this push:
new fd6cda9 HADOOP-18721. Upgrade guava in hadoop-thirdparty to 31.1-jre
(#22)
fd6cda9 is described below
commit fd6cda9a65e32f5b4457a1337e3dc7f939578362
Author: Murali Krishna <muralikrishna.dm...@gmail.com>
AuthorDate: Tue May 2 18:28:35 2023 +0530
HADOOP-18721. Upgrade guava in hadoop-thirdparty to 31.1-jre (#22)
This fixes CVE-2020-8908
Contributed by Murali Krishna
---
LICENSE-binary | 4 ++--
pom.xml | 2 +-
2 files changed, 3 insertions(+), 3 deletions(-)
diff --git a/LICENSE-binary b/LICENSE-binary
index 978d1d7..f89a6b6 100644
--- a/LICENSE-binary
+++ b/LICENSE-binary
@@ -205,7 +205,7 @@
This project bundles some components that are also licensed under the Apache
License Version 2.0:
-com.google.guava:guava:jar:30.1.1-jre
+com.google.guava:guava:jar:31.1-jre
com.google.j2objc:j2objc-annotations:1.3
com.google.errorprone:error_prone_annotations:2.5.1
@@ -222,4 +222,4 @@ com.google.protobuf:protobuf-java:3.7.1
MIT License
-----------
-org.checkerframework:checker-qual:jar:3.8.0
\ No newline at end of file
+org.checkerframework:checker-qual:jar:3.8.0
diff --git a/pom.xml b/pom.xml
index f3dc946..e57d198 100644
--- a/pom.xml
+++ b/pom.xml
@@ -95,7 +95,7 @@
<shaded.prefix>org.apache.hadoop.thirdparty</shaded.prefix>
<protobuf.shade.prefix>${shaded.prefix}.protobuf</protobuf.shade.prefix>
<protobuf_3_7.version>3.7.1</protobuf_3_7.version>
- <guava.version>30.1.1-jre</guava.version>
+ <guava.version>31.1-jre</guava.version>
<avro.version>1.11.1</avro.version>
<!-- maven plugin versions -->
---------------------------------------------------------------------
To unsubscribe, e-mail: common-commits-unsubscr...@hadoop.apache.org
For additional commands, e-mail: common-commits-h...@hadoop.apache.org
