HADOOP-19115. Upgrade to nimbus-jose-jwt 9.37.2 due to CVE-2023-52428. (#6637)

Contributed by PJ Fanning
2024-03-27 11:30:55 +01:00 · 2024-03-27 11:30:55 +01:00 · 5bfca65692
commit 5bfca65692
parent 50370769cd
2 changed files with 2 additions and 2 deletions
--- a/2
+++ b/2
@ -241,7 +241,7 @@ com.google.guava:guava:20.0
 com.google.guava:guava:27.0-jre
 com.google.guava:listenablefuture:9999.0-empty-to-avoid-conflict-with-guava
 com.microsoft.azure:azure-storage:7.0.0
-com.nimbusds:nimbus-jose-jwt:9.31
+com.nimbusds:nimbus-jose-jwt:9.37.2
 com.zaxxer:HikariCP:4.0.3
 commons-beanutils:commons-beanutils:1.9.4
 commons-cli:commons-cli:1.5.0
--- a/hadoop-project/pom.xml
+++ b/hadoop-project/pom.xml
@ -216,7 +216,7 @@
    <openssl-wildfly.version>1.1.3.Final</openssl-wildfly.version>
    <jsonschema2pojo.version>1.0.2</jsonschema2pojo.version>
    <woodstox.version>5.4.0</woodstox.version>
-    <nimbus-jose-jwt.version>9.31</nimbus-jose-jwt.version>
+    <nimbus-jose-jwt.version>9.37.2</nimbus-jose-jwt.version>
    <nodejs.version>v12.22.1</nodejs.version>
    <yarnpkg.version>v1.22.5</yarnpkg.version>
    <apache-ant.version>1.10.13</apache-ant.version>