github
/
DolphinScheduler
mirror of https://gitee.com/dolphinscheduler/DolphinScheduler.git
1
0
Fork 0
Code Issues Releases Wiki Activity
Browse Source

issue-10356: upgrade logback to fix cve (#10357)

3.1.0-release
PJ Fanning 3 years ago committed by GitHub
parent
b6350280e6
commit
d044e0479d
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
3 changed files with 5 additions and 5 deletions
Whitespace
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Unified View
Diff Options
Show Stats Download Patch File Download Diff File
  1. 4
      dolphinscheduler-dist/release-docs/LICENSE
  2. 2
      pom.xml
  3. 4
      tools/dependencies/known-dependencies.txt

4
dolphinscheduler-dist/release-docs/LICENSE vendored
Unescape View File

@ -493,8 +493,8 @@ EPL licenses
The following components are provided under the EPL License. See project link for details. The following components are provided under the EPL License. See project link for details.
The text of each license is also included at licenses/LICENSE-[project].txt. The text of each license is also included at licenses/LICENSE-[project].txt.
aspectjweaver 1.9.7:https://mvnrepository.com/artifact/org.aspectj/aspectjweaver/1.9.7, EPL 1.0 aspectjweaver 1.9.7:https://mvnrepository.com/artifact/org.aspectj/aspectjweaver/1.9.7, EPL 1.0
logback-classic 1.2.3: https://mvnrepository.com/artifact/ch.qos.logback/logback-classic/1.2.3, EPL 1.0 and LGPL 2.1 logback-classic 1.2.11: https://mvnrepository.com/artifact/ch.qos.logback/logback-classic/1.2.11, EPL 1.0 and LGPL 2.1
logback-core 1.2.3: https://mvnrepository.com/artifact/ch.qos.logback/logback-core/1.2.3, EPL 1.0 and LGPL 2.1 logback-core 1.2.11: https://mvnrepository.com/artifact/ch.qos.logback/logback-core/1.2.11, EPL 1.0 and LGPL 2.1
h2-1.4.200 https://github.com/h2database/h2database/blob/master/LICENSE.txt, MPL 2.0 or EPL 1.0 h2-1.4.200 https://github.com/h2database/h2database/blob/master/LICENSE.txt, MPL 2.0 or EPL 1.0
======================================================================== ========================================================================

2
pom.xml
Unescape View File

@ -56,7 +56,7 @@
<spring.version>5.3.12</spring.version> <spring.version>5.3.12</spring.version>
<spring.boot.version>2.5.6</spring.boot.version> <spring.boot.version>2.5.6</spring.boot.version>
<java.version>1.8</java.version> <java.version>1.8</java.version>
<logback.version>1.2.3</logback.version> <logback.version>1.2.11</logback.version>
<hadoop.version>2.7.3</hadoop.version> <hadoop.version>2.7.3</hadoop.version>
<quartz.version>2.3.2</quartz.version> <quartz.version>2.3.2</quartz.version>
<jackson.version>2.10.5</jackson.version> <jackson.version>2.10.5</jackson.version>

4
tools/dependencies/known-dependencies.txt
Unescape View File

@ -133,8 +133,8 @@ libfb303-0.9.3.jar
libthrift-0.9.3.jar libthrift-0.9.3.jar
log4j-1.2-api-2.14.1.jar log4j-1.2-api-2.14.1.jar
log4j-1.2.17.jar log4j-1.2.17.jar
logback-classic-1.2.3.jar logback-classic-1.2.11.jar
logback-core-1.2.3.jar logback-core-1.2.11.jar
lz4-1.3.0.jar lz4-1.3.0.jar
mapstruct-1.2.0.Final.jar mapstruct-1.2.0.Final.jar
micrometer-core-1.7.5.jar micrometer-core-1.7.5.jar

Write Preview
Loading…
Cancel
Save