symat opened a new pull request, #1956: URL: https://github.com/apache/zookeeper/pull/1956
dependency checks are failing currently on branch-3.6: ``` mvn clean package -DskipTests dependency-check:check (...) [ERROR] Failed to execute goal org.owasp:dependency-check-maven:7.1.0:check (default-cli) on project zookeeper: [ERROR] [ERROR] One or more dependencies were identified with vulnerabilities that have a CVSS score greater than or equal to '0.0': [ERROR] [ERROR] jackson-databind-2.13.2.1.jar: CVE-2022-42003(7.5), CVE-2022-42004(7.5) [ERROR] jetty-io-9.4.43.v20210629.jar: CVE-2022-2047(2.7), CVE-2022-2048(7.5) [ERROR] jetty-server-9.4.43.v20210629.jar: CVE-2022-2047(2.7), CVE-2022-2048(7.5) [ERROR] netty-transport-4.1.76.Final.jar: CVE-2022-24823(5.5) ``` In this commit I updated several third party libraries and also updated / fixes license and notice files. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: notifications-unsubscr...@zookeeper.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
