big-data/hadoop
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

HADOOP-18646. Upgrade Netty to 4.1.89.Final to fix CVE-2022-41881 (#5435) (#5729)

Browse Source 
This fixes CVE-2022-41881.

This also upgrades io.opencensus dependencies to 0.12.3

Contributed by Aleksandr Nikolaev

(cherry picked from commit 734f7abfb8)

 Conflicts:
	hadoop-project/pom.xml

Change-Id: I26b8961725706370ac5f0fa248d0b0333034a047

Co-authored-by: nao <56360298+nao-it@users.noreply.github.com>
This commit is contained in:
Wei-Chiu Chuang 2023-06-10 11:05:44 -07:00 committed by GitHub
parent 30dcd044c3
commit 03a548d4e5
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
2 changed files with 3 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
LICENSE-binary
View File

@ -295,12 +295,8 @@ io.netty:netty-resolver-dns-classes-macos:4.1.77.Final
io.netty:netty-transport-native-epoll:4.1.77.Final
io.netty:netty-transport-native-kqueue:4.1.77.Final
io.netty:netty-resolver-dns-native-macos:4.1.77.Final
io.opencensus:opencensus-api:0.24.0
io.opencensus:opencensus-contrib-grpc-metrics:0.24.0
io.opentracing:opentracing-api:0.33.0
io.opentracing:opentracing-noop:0.33.0
io.opentracing:opentracing-util:0.33.0
io.perfmark:perfmark-api:0.19.0
io.opencensus:opencensus-api:0.12.3
io.opencensus:opencensus-contrib-grpc-metrics:0.12.3
io.reactivex:rxjava:1.3.8
io.reactivex:rxjava-string:1.1.1
io.reactivex:rxnetty:0.4.20

2
hadoop-project/pom.xml
View File

@ -144,7 +144,7 @@
<gson.version>2.9.0</gson.version>
<metrics.version>3.2.4</metrics.version>
<netty3.version>3.10.6.Final</netty3.version>
<netty4.version>4.1.77.Final</netty4.version>
<netty4.version>4.1.89.Final</netty4.version>
<snappy-java.version>1.1.8.2</snappy-java.version>
<lz4-java.version>1.7.1</lz4-java.version>