jprdonnelly/impala
1
0
Fork 0
mirror of https://github.com/apache/impala.git synced 2025-12-30 03:01:44 -05:00
Code Issues Projects Releases Wiki Activity
Files
aa404b856f182e381f1d40b55dc568d87828d2ec
impala/java/pom.xml
Joe McDonnell aa404b856f IMPALA-11197/IMPALA-11149: Address CVEs in pac4j/xmlsec 
This upgrades pac4j and several of its dependencies
(including xmlsec) to address CVEs in those components.
Specifically:
 - pac4j 4.5.5 addresses CVE-2021-44878
 - xmlsec 2.2.3 addresses CVE-2021-40690
 - bcprov 1.68 addresses CVE-2020-15522

This also upgrade springframework to 5.2.9.RELEASE to
match the version for pac4j 4.5.5.

Testing:
 - Ran core job

Change-Id: I8421d867dd0fce8eeaa6bc13a511ca3e8dd05723
Reviewed-on: http://gerrit.cloudera.org:8080/18348
Reviewed-by: Csaba Ringhofer <csringhofer@cloudera.com>
Tested-by: Joe McDonnell <joemcdonnell@cloudera.com>
2022-03-24 15:49:47 +00:00

11 KiB
Raw Blame History

View Raw
Reference in New Issue View Git Blame Copy Permalink