[kylin] branch main updated: [KYLIN-5159] upgrade some common libs due to CVEs (#1814)

Wed, 06 Apr 2022 02:24:15 -0700 

This is an automated email from the ASF dual-hosted git repository.

xxyu pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/kylin.git


The following commit(s) were added to refs/heads/main by this push:
     new 0fa41762ec [KYLIN-5159] upgrade some common libs due to CVEs (#1814)
0fa41762ec is described below

commit 0fa41762ec0fc69c0b8029fc8a81b273388bbf1d
Author: PJ Fanning <pjfann...@users.noreply.github.com>
AuthorDate: Wed Apr 6 11:23:57 2022 +0200

    [KYLIN-5159] upgrade some common libs due to CVEs (#1814)
    
    * [KYLIN-5159] upgrade some common libs due to CVEs
    
    * upgrade xerces and jetty
---
 pom.xml | 10 +++++-----
 1 file changed, 5 insertions(+), 5 deletions(-)

diff --git a/pom.xml b/pom.xml
index 93d77a2f4c..454bef9f5f 100644
--- a/pom.xml
+++ b/pom.xml
@@ -111,7 +111,7 @@
     <commons-cli.version>1.2</commons-cli.version>
     <commons-lang.version>2.6</commons-lang.version>
     <commons-httpclient.version>3.1</commons-httpclient.version>
-    <commons-io.version>2.4</commons-io.version>
+    <commons-io.version>2.11.0</commons-io.version>
     <commons-upload.version>1.3.3</commons-upload.version>
     <commons-math3.version>3.1.1</commons-math3.version>
     <commons-collections.version>3.2.2</commons-collections.version>
@@ -125,8 +125,8 @@
     <junit.version>4.12</junit.version>
     <mrunit.version>1.1.0</mrunit.version>
     <dbunit.version>2.5.4</dbunit.version>
-    <h2.version>1.4.196</h2.version>
-    <jetty.version>9.4.32.v20200930</jetty.version>
+    <h2.version>2.1.210</h2.version>
+    <jetty.version>9.4.46.v20220331</jetty.version>
     <jamm.version>0.3.1</jamm.version>
     <mockito.version>2.7.14</mockito.version>
     <mockito-all.version>1.9.5</mockito-all.version>
@@ -137,13 +137,13 @@
     <commons-lang3.version>3.5</commons-lang3.version>
     <commons-email.version>1.5</commons-email.version>
     <commons-validator.version>1.4.0</commons-validator.version>
-    <commons-compress.version>1.18</commons-compress.version>
+    <commons-compress.version>1.21</commons-compress.version>
     <commons-dbcp.version>1.4</commons-dbcp.version>
 
     <!-- Utility -->
     <log4j.version>1.2.17</log4j.version>
     <slf4j.version>1.7.21</slf4j.version>
-    <xerces.version>2.11.0</xerces.version>
+    <xerces.version>2.12.2</xerces.version>
     <xalan.version>2.7.2</xalan.version>
     <ehcache.version>2.10.2.2.21</ehcache.version>
     <memcached.verion>2.12.3</memcached.verion>

Reply via email to