This is an automated email from the ASF dual-hosted git repository.
ayushsaxena pushed a commit to branch branch-3.3
in repository https://gitbox.apache.org/repos/asf/hadoop.git
The following commit(s) were added to refs/heads/branch-3.3 by this push:
new fad316a83cae HADOOP-18924. Upgrade to grpc 1.53.0 due to CVEs (#6161).
Contributed by PJ Fanning.. (#6313)
fad316a83cae is described below
commit fad316a83caeca88eeef4375f3af9abf69fe54f2
Author: PJ Fanning <pjfann...@users.noreply.github.com>
AuthorDate: Tue Dec 5 20:17:21 2023 +0100
HADOOP-18924. Upgrade to grpc 1.53.0 due to CVEs (#6161). Contributed by PJ
Fanning.. (#6313)
---
LICENSE-binary | 16 ++++++++--------
.../hadoop-yarn/hadoop-yarn-csi/pom.xml | 22 ++++++++++++++++++++--
2 files changed, 28 insertions(+), 10 deletions(-)
diff --git a/LICENSE-binary b/LICENSE-binary
index d84f311ce190..1c734cbe9641 100644
--- a/LICENSE-binary
+++ b/LICENSE-binary
@@ -255,13 +255,13 @@ commons-logging:commons-logging:1.1.3
commons-net:commons-net:3.9.0
de.ruedigermoeller:fst:2.50
io.dropwizard.metrics:metrics-core:3.2.4
-io.grpc:grpc-api:1.26.0
-io.grpc:grpc-context:1.26.0
-io.grpc:grpc-core:1.26.0
-io.grpc:grpc-netty:1.26.0
-io.grpc:grpc-protobuf:1.26.0
-io.grpc:grpc-protobuf-lite:1.26.0
-io.grpc:grpc-stub:1.26.0
+io.grpc:grpc-api:1.53.0
+io.grpc:grpc-context:1.53.0
+io.grpc:grpc-core:1.53.0
+io.grpc:grpc-netty:1.53.0
+io.grpc:grpc-protobuf:1.53.0
+io.grpc:grpc-protobuf-lite:1.53.0
+io.grpc:grpc-stub:1.53.0
io.netty:netty:3.10.6.Final
io.netty:netty-all:4.1.100.Final
io.netty:netty-buffer:4.1.100.Final
@@ -446,7 +446,7 @@ org.bouncycastle:bcpkix-jdk15on:1.68
org.bouncycastle:bcprov-jdk15on:1.68
org.checkerframework:checker-qual:2.5.2
org.checkerframework:checker-qual:3.8.0
-org.codehaus.mojo:animal-sniffer-annotations:1.17
+org.codehaus.mojo:animal-sniffer-annotations:1.21
org.jruby.jcodings:jcodings:1.0.13
org.jruby.joni:joni:2.1.2
org.ojalgo:ojalgo:43.0
diff --git a/hadoop-yarn-project/hadoop-yarn/hadoop-yarn-csi/pom.xml
b/hadoop-yarn-project/hadoop-yarn/hadoop-yarn-csi/pom.xml
index be0e1684cbd3..1fad432ca094 100644
--- a/hadoop-yarn-project/hadoop-yarn/hadoop-yarn-csi/pom.xml
+++ b/hadoop-yarn-project/hadoop-yarn/hadoop-yarn-csi/pom.xml
@@ -26,7 +26,8 @@
<packaging>jar</packaging>
<properties>
- <grpc.version>1.26.0</grpc.version>
+ <grpc.version>1.53.0</grpc.version>
+ <animal-sniffer.version>1.21</animal-sniffer.version>
</properties>
<dependencies>
@@ -48,6 +49,17 @@
<groupId>io.grpc</groupId>
<artifactId>grpc-core</artifactId>
<version>${grpc.version}</version>
+ <exclusions>
+ <exclusion>
+ <groupId>org.codehaus.mojo</groupId>
+ <artifactId>animal-sniffer-annotations</artifactId>
+ </exclusion>
+ </exclusions>
+ </dependency>
+ <dependency>
+ <groupId>org.codehaus.mojo</groupId>
+ <artifactId>animal-sniffer-annotations</artifactId>
+ <version>${animal-sniffer.version}</version>
</dependency>
<dependency>
<groupId>io.grpc</groupId>
@@ -65,6 +77,12 @@
<groupId>io.grpc</groupId>
<artifactId>grpc-stub</artifactId>
<version>${grpc.version}</version>
+ <exclusions>
+ <exclusion>
+ <groupId>org.codehaus.mojo</groupId>
+ <artifactId>animal-sniffer-annotations</artifactId>
+ </exclusion>
+ </exclusions>
</dependency>
<dependency>
<groupId>io.grpc</groupId>
@@ -187,7 +205,7 @@
<configuration>
<protocArtifact>com.google.protobuf:protoc:${hadoop.protobuf.version}:exe:${os.detected.classifier}</protocArtifact>
<pluginId>grpc-java</pluginId>
-
<pluginArtifact>io.grpc:protoc-gen-grpc-java:1.26.0:exe:${os.detected.classifier}</pluginArtifact>
+
<pluginArtifact>io.grpc:protoc-gen-grpc-java:${grpc.version}:exe:${os.detected.classifier}</pluginArtifact>
</configuration>
<executions>
<execution>
---------------------------------------------------------------------
To unsubscribe, e-mail: common-commits-unsubscr...@hadoop.apache.org
For additional commands, e-mail: common-commits-h...@hadoop.apache.org
