(hadoop) branch branch-3.3 updated: HADOOP-19115. Upgrade to nimbus-jose-jwt 9.37.2 due to CVE-2023-52428. (#6637) (#6689) Contributed by PJ Fanning.

Mon, 01 Apr 2024 16:50:46 -0700 

This is an automated email from the ASF dual-hosted git repository.

slfan1989 pushed a commit to branch branch-3.3
in repository https://gitbox.apache.org/repos/asf/hadoop.git


The following commit(s) were added to refs/heads/branch-3.3 by this push:
     new 7cc64ce7a7c9 HADOOP-19115. Upgrade to nimbus-jose-jwt 9.37.2 due to 
CVE-2023-52428. (#6637) (#6689) Contributed by PJ Fanning.
7cc64ce7a7c9 is described below

commit 7cc64ce7a7c9c37cd9490fc9060e64d73e72b42b
Author: PJ Fanning <pjfann...@users.noreply.github.com>
AuthorDate: Tue Apr 2 01:50:33 2024 +0200

    HADOOP-19115. Upgrade to nimbus-jose-jwt 9.37.2 due to CVE-2023-52428. 
(#6637) (#6689) Contributed by PJ Fanning.
    
    Signed-off-by: Shilun Fan <slfan1...@apache.org>
---
 LICENSE-binary         | 2 +-
 hadoop-project/pom.xml | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/LICENSE-binary b/LICENSE-binary
index 31d744b19d5f..43866bce657f 100644
--- a/LICENSE-binary
+++ b/LICENSE-binary
@@ -242,7 +242,7 @@ com.google.guava:guava:jar:30.1.1-jre
 com.google.guava:listenablefuture:9999.0-empty-to-avoid-conflict-with-guava
 com.google.j2objc:j2objc-annotations:1.3
 com.microsoft.azure:azure-storage:7.0.1
-com.nimbusds:nimbus-jose-jwt:9.31
+com.nimbusds:nimbus-jose-jwt:9.37.2
 com.yammer.metrics:metrics-core:2.2.0
 com.zaxxer:HikariCP-java7:2.4.12
 commons-beanutils:commons-beanutils:1.9.4
diff --git a/hadoop-project/pom.xml b/hadoop-project/pom.xml
index 5b910adfecb4..f9158e833fc3 100644
--- a/hadoop-project/pom.xml
+++ b/hadoop-project/pom.xml
@@ -217,7 +217,7 @@
     <solr.version>8.8.2</solr.version>
     <openssl-wildfly.version>1.1.3.Final</openssl-wildfly.version>
     <woodstox.version>5.4.0</woodstox.version>
-    <nimbus-jose-jwt.version>9.31</nimbus-jose-jwt.version>
+    <nimbus-jose-jwt.version>9.37.2</nimbus-jose-jwt.version>
     <nodejs.version>v12.22.1</nodejs.version>
     <yarnpkg.version>v1.22.5</yarnpkg.version>
     <apache-ant.version>1.10.13</apache-ant.version>


---------------------------------------------------------------------
To unsubscribe, e-mail: common-commits-unsubscr...@hadoop.apache.org
For additional commands, e-mail: common-commits-h...@hadoop.apache.org

Reply via email to