Browse Source

issues-10354: upgrade commons-io to fix CVE (#10355)

(cherry picked from commit b6350280e6)
3.0.0/version-upgrade
PJ Fanning 2 years ago committed by devosend
parent
commit
ab7a843201
  1. 4
      dolphinscheduler-dist/release-docs/LICENSE
  2. 4
      pom.xml
  3. 4
      tools/dependencies/known-dependencies.txt

4
dolphinscheduler-dist/release-docs/LICENSE vendored

@ -238,7 +238,7 @@ The text of each license is also included at licenses/LICENSE-[project].txt.
commons-dbcp 1.4: https://github.com/apache/commons-dbcp, Apache 2.0 commons-dbcp 1.4: https://github.com/apache/commons-dbcp, Apache 2.0
commons-email 1.5: https://github.com/apache/commons-email, Apache 2.0 commons-email 1.5: https://github.com/apache/commons-email, Apache 2.0
commons-httpclient 3.0.1: https://mvnrepository.com/artifact/commons-httpclient/commons-httpclient/3.0.1, Apache 2.0 commons-httpclient 3.0.1: https://mvnrepository.com/artifact/commons-httpclient/commons-httpclient/3.0.1, Apache 2.0
commons-io 2.4: https://github.com/apache/commons-io, Apache 2.0 commons-io 2.11.0: https://github.com/apache/commons-io, Apache 2.0
commons-lang 2.6: https://github.com/apache/commons-lang, Apache 2.0 commons-lang 2.6: https://github.com/apache/commons-lang, Apache 2.0
commons-logging 1.1.1: https://github.com/apache/commons-logging, Apache 2.0 commons-logging 1.1.1: https://github.com/apache/commons-logging, Apache 2.0
commons-math3 3.1.1: https://mvnrepository.com/artifact/org.apache.commons/commons-math3/3.1.1, Apache 2.0 commons-math3 3.1.1: https://mvnrepository.com/artifact/org.apache.commons/commons-math3/3.1.1, Apache 2.0
@ -286,7 +286,7 @@ The text of each license is also included at licenses/LICENSE-[project].txt.
hive-storage-api 2.1.0: https://mvnrepository.com/artifact/org.apache.hive/hive-storage-api/2.1.0, Apache 2.0 hive-storage-api 2.1.0: https://mvnrepository.com/artifact/org.apache.hive/hive-storage-api/2.1.0, Apache 2.0
htrace-core 3.1.0-incubating: https://mvnrepository.com/artifact/org.apache.htrace/htrace-core/3.1.0-incubating, Apache 2.0 htrace-core 3.1.0-incubating: https://mvnrepository.com/artifact/org.apache.htrace/htrace-core/3.1.0-incubating, Apache 2.0
httpclient 4.5.13: https://mvnrepository.com/artifact/org.apache.httpcomponents/httpclient/4.5.13, Apache 2.0 httpclient 4.5.13: https://mvnrepository.com/artifact/org.apache.httpcomponents/httpclient/4.5.13, Apache 2.0
httpcore 4.4.1: https://mvnrepository.com/artifact/org.apache.httpcomponents/httpcore/4.4.1, Apache 2.0 httpcore 4.4.15: https://mvnrepository.com/artifact/org.apache.httpcomponents/httpcore/4.4.15, Apache 2.0
httpmime 4.5.13: https://mvnrepository.com/artifact/org.apache.httpcomponents/httpmime/4.5.13, Apache 2.0 httpmime 4.5.13: https://mvnrepository.com/artifact/org.apache.httpcomponents/httpmime/4.5.13, Apache 2.0
jackson-annotations 2.10.5: https://mvnrepository.com/artifact/com.fasterxml.jackson.core/jackson-annotations/2.10.5, Apache 2.0 jackson-annotations 2.10.5: https://mvnrepository.com/artifact/com.fasterxml.jackson.core/jackson-annotations/2.10.5, Apache 2.0
jackson-core 2.10.5: https://github.com/FasterXML/jackson-core, Apache 2.0 jackson-core 2.10.5: https://github.com/FasterXML/jackson-core, Apache 2.0

4
pom.xml

@ -67,7 +67,7 @@
<commons.codec.version>1.11</commons.codec.version> <commons.codec.version>1.11</commons.codec.version>
<commons.logging.version>1.1.1</commons.logging.version> <commons.logging.version>1.1.1</commons.logging.version>
<httpclient.version>4.5.13</httpclient.version> <httpclient.version>4.5.13</httpclient.version>
<httpcore.version>4.4.1</httpcore.version> <httpcore.version>4.4.15</httpcore.version>
<junit.version>4.12</junit.version> <junit.version>4.12</junit.version>
<mysql.connector.version>8.0.16</mysql.connector.version> <mysql.connector.version>8.0.16</mysql.connector.version>
<slf4j.api.version>1.7.5</slf4j.api.version> <slf4j.api.version>1.7.5</slf4j.api.version>
@ -84,7 +84,7 @@
<guava.version>24.1-jre</guava.version> <guava.version>24.1-jre</guava.version>
<postgresql.version>42.3.4</postgresql.version> <postgresql.version>42.3.4</postgresql.version>
<hive.jdbc.version>2.1.0</hive.jdbc.version> <hive.jdbc.version>2.1.0</hive.jdbc.version>
<commons.io.version>2.4</commons.io.version> <commons.io.version>2.11.0</commons.io.version>
<oshi.core.version>6.1.1</oshi.core.version> <oshi.core.version>6.1.1</oshi.core.version>
<clickhouse.jdbc.version>0.1.52</clickhouse.jdbc.version> <clickhouse.jdbc.version>0.1.52</clickhouse.jdbc.version>
<mssql.jdbc.version>6.1.0.jre8</mssql.jdbc.version> <mssql.jdbc.version>6.1.0.jre8</mssql.jdbc.version>

4
tools/dependencies/known-dependencies.txt

@ -33,7 +33,7 @@ commons-daemon-1.0.13.jar
commons-beanutils-1.9.4.jar commons-beanutils-1.9.4.jar
commons-dbcp-1.4.jar commons-dbcp-1.4.jar
commons-httpclient-3.0.1.jar commons-httpclient-3.0.1.jar
commons-io-2.4.jar commons-io-2.11.0.jar
commons-lang-2.6.jar commons-lang-2.6.jar
commons-logging-1.1.1.jar commons-logging-1.1.1.jar
commons-math3-3.1.1.jar commons-math3-3.1.1.jar
@ -85,7 +85,7 @@ hive-service-rpc-2.1.0.jar
hive-storage-api-2.1.0.jar hive-storage-api-2.1.0.jar
htrace-core-3.1.0-incubating.jar htrace-core-3.1.0-incubating.jar
httpclient-4.5.13.jar httpclient-4.5.13.jar
httpcore-4.4.1.jar httpcore-4.4.15.jar
httpmime-4.5.13.jar httpmime-4.5.13.jar
j2objc-annotations-1.1.jar j2objc-annotations-1.1.jar
jackson-annotations-2.10.5.jar jackson-annotations-2.10.5.jar

Loading…
Cancel
Save