This is an automated email from the ASF dual-hosted git repository.
stevel pushed a commit to branch trunk
in repository https://gitbox.apache.org/repos/asf/hadoop.git
The following commit(s) were added to refs/heads/trunk by this push:
new 5bfca6569259 HADOOP-19115. Upgrade to nimbus-jose-jwt 9.37.2 due to
CVE-2023-52428. (#6637)
5bfca6569259 is described below
commit 5bfca656925930df73fe400bdb6afb5e1440dc63
Author: PJ Fanning <pjfann...@users.noreply.github.com>
AuthorDate: Wed Mar 27 11:30:55 2024 +0100
HADOOP-19115. Upgrade to nimbus-jose-jwt 9.37.2 due to CVE-2023-52428.
(#6637)
Contributed by PJ Fanning
---
LICENSE-binary | 2 +-
hadoop-project/pom.xml | 2 +-
2 files changed, 2 insertions(+), 2 deletions(-)
diff --git a/LICENSE-binary b/LICENSE-binary
index f46d1688beed..555248e17314 100644
--- a/LICENSE-binary
+++ b/LICENSE-binary
@@ -241,7 +241,7 @@ com.google.guava:guava:20.0
com.google.guava:guava:27.0-jre
com.google.guava:listenablefuture:9999.0-empty-to-avoid-conflict-with-guava
com.microsoft.azure:azure-storage:7.0.0
-com.nimbusds:nimbus-jose-jwt:9.31
+com.nimbusds:nimbus-jose-jwt:9.37.2
com.zaxxer:HikariCP:4.0.3
commons-beanutils:commons-beanutils:1.9.4
commons-cli:commons-cli:1.5.0
diff --git a/hadoop-project/pom.xml b/hadoop-project/pom.xml
index 4ef8dcba5d9e..55eab66c9b64 100644
--- a/hadoop-project/pom.xml
+++ b/hadoop-project/pom.xml
@@ -216,7 +216,7 @@
<openssl-wildfly.version>1.1.3.Final</openssl-wildfly.version>
<jsonschema2pojo.version>1.0.2</jsonschema2pojo.version>
<woodstox.version>5.4.0</woodstox.version>
- <nimbus-jose-jwt.version>9.31</nimbus-jose-jwt.version>
+ <nimbus-jose-jwt.version>9.37.2</nimbus-jose-jwt.version>
<nodejs.version>v12.22.1</nodejs.version>
<yarnpkg.version>v1.22.5</yarnpkg.version>
<apache-ant.version>1.10.13</apache-ant.version>
---------------------------------------------------------------------
To unsubscribe, e-mail: common-commits-unsubscr...@hadoop.apache.org
For additional commands, e-mail: common-commits-h...@hadoop.apache.org
