[
https://issues.apache.org/jira/browse/HBASE-22130?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16805237#comment-16805237
]
stack commented on HBASE-22130:
-------------------------------
.0001
Updates:
gson 2.8.1 -> 2.8.5
guava 22.0 -> 27.1-jre
pb 3.5.1 -> 3.7.0
netty 4.1.17 -> 4.1.34
commons-collections4 4.1 -> 4.3
Updated apache parent pom from 18 to 21 and misc plugins.
Next would be putting up an RC.
> [hbase-thirdparty] Upgrade thirdparty dependencies
> --------------------------------------------------
>
> Key: HBASE-22130
> URL: https://issues.apache.org/jira/browse/HBASE-22130
> Project: HBase
> Issue Type: Task
> Components: thirdparty
> Reporter: Duo Zhang
> Assignee: kevin su
> Priority: Major
> Attachments:
> 0001-HBASE-22130-hbase-thirdparty-Upgrade-thirdparty-depe.patch
>
>
> First guava has a CVE so we need to upgrade to at least 26.0, better to the
> newest 27.1.
> And we can also upgrade the other dependencies to the newest version at the
> same time.
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
