HADOOP-18646. Upgrade Netty to 4.1.89.Final to fix CVE-2022-41881 (#5435)

This fixes CVE-2022-41881.

This also upgrades io.opencensus dependencies to 0.12.3
 
Contributed by Aleksandr Nikolaev
This commit is contained in:
nao 2023-03-10 18:27:22 +03:00 committed by GitHub
parent b406060c6b
commit 734f7abfb8
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
2 changed files with 3 additions and 7 deletions

View File

@ -289,12 +289,8 @@ io.netty:netty-resolver-dns-classes-macos:4.1.77.Final
io.netty:netty-transport-native-epoll:4.1.77.Final io.netty:netty-transport-native-epoll:4.1.77.Final
io.netty:netty-transport-native-kqueue:4.1.77.Final io.netty:netty-transport-native-kqueue:4.1.77.Final
io.netty:netty-resolver-dns-native-macos:4.1.77.Final io.netty:netty-resolver-dns-native-macos:4.1.77.Final
io.opencensus:opencensus-api:0.24.0 io.opencensus:opencensus-api:0.12.3
io.opencensus:opencensus-contrib-grpc-metrics:0.24.0 io.opencensus:opencensus-contrib-grpc-metrics:0.12.3
io.opentracing:opentracing-api:0.33.0
io.opentracing:opentracing-noop:0.33.0
io.opentracing:opentracing-util:0.33.0
io.perfmark:perfmark-api:0.19.0
io.reactivex:rxjava:1.3.8 io.reactivex:rxjava:1.3.8
io.reactivex:rxjava-string:1.1.1 io.reactivex:rxjava-string:1.1.1
io.reactivex:rxnetty:0.4.20 io.reactivex:rxnetty:0.4.20

View File

@ -140,7 +140,7 @@
<jna.version>5.2.0</jna.version> <jna.version>5.2.0</jna.version>
<gson.version>2.9.0</gson.version> <gson.version>2.9.0</gson.version>
<metrics.version>3.2.4</metrics.version> <metrics.version>3.2.4</metrics.version>
<netty4.version>4.1.77.Final</netty4.version> <netty4.version>4.1.89.Final</netty4.version>
<snappy-java.version>1.1.8.2</snappy-java.version> <snappy-java.version>1.1.8.2</snappy-java.version>
<lz4-java.version>1.7.1</lz4-java.version> <lz4-java.version>1.7.1</lz4-java.version>