github
/
DolphinScheduler
mirror of https://gitee.com/dolphinscheduler/DolphinScheduler.git
1
0
Fork 0
Code Issues Releases Wiki Activity
Browse Source

issue-10356: upgrade logback to fix cve (#10357) 

(cherry picked from commit d044e0479d)
3.0.0/version-upgrade
PJ Fanning 2 years ago committed by devosend
parent
ab7a843201
commit
67f6c003f7
3 changed files with 5 additions and 5 deletions
Whitespace
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Split View
Diff Options
Show Stats Download Patch File Download Diff File
  1. 4
      dolphinscheduler-dist/release-docs/LICENSE
  2. 2
      pom.xml
  3. 4
      tools/dependencies/known-dependencies.txt

4
dolphinscheduler-dist/release-docs/LICENSE vendored
Unescape View File

@ -506,8 +506,8 @@ EPL licenses
The following components are provided under the EPL License. See project link for details.
The text of each license is also included at licenses/LICENSE-[project].txt.
aspectjweaver 1.9.7:https://mvnrepository.com/artifact/org.aspectj/aspectjweaver/1.9.7, EPL 1.0
logback-classic 1.2.3: https://mvnrepository.com/artifact/ch.qos.logback/logback-classic/1.2.3, EPL 1.0 and LGPL 2.1
logback-core 1.2.3: https://mvnrepository.com/artifact/ch.qos.logback/logback-core/1.2.3, EPL 1.0 and LGPL 2.1
logback-classic 1.2.11: https://mvnrepository.com/artifact/ch.qos.logback/logback-classic/1.2.11, EPL 1.0 and LGPL 2.1
logback-core 1.2.11: https://mvnrepository.com/artifact/ch.qos.logback/logback-core/1.2.11, EPL 1.0 and LGPL 2.1
h2-1.4.200 https://github.com/h2database/h2database/blob/master/LICENSE.txt, MPL 2.0 or EPL 1.0
========================================================================

2
pom.xml
Unescape View File

@ -55,7 +55,7 @@
<spring.version>5.3.12</spring.version>
<spring.boot.version>2.5.6</spring.boot.version>
<java.version>1.8</java.version>
<logback.version>1.2.3</logback.version>
<logback.version>1.2.11</logback.version>
<hadoop.version>2.7.3</hadoop.version>
<quartz.version>2.3.2</quartz.version>
<jackson.version>2.10.5</jackson.version>

4
tools/dependencies/known-dependencies.txt
Unescape View File

@ -151,8 +151,8 @@ libfb303-0.9.3.jar
libthrift-0.9.3.jar
log4j-1.2-api-2.14.1.jar
log4j-1.2.17.jar
logback-classic-1.2.3.jar
logback-core-1.2.3.jar
logback-classic-1.2.11.jar
logback-core-1.2.11.jar
lz4-1.3.0.jar
mapstruct-1.2.0.Final.jar
micrometer-core-1.7.5.jar

Write Preview
Loading…
Cancel
Save