HADOOP-18443. Upgrade snakeyaml to 1.31 to mitigate CVE-2022-25857 (#4856)

Co-authored-by: Ashutosh Gupta <ashugpt@amazon.com>
Signed-off-by: Brahma Reddy Battula <brahma@apache.org>
This commit is contained in:
Ashutosh Gupta 2022-09-08 15:28:38 +01:00 committed by GitHub
parent 42c8f61fec
commit 832d0e0d76
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
2 changed files with 2 additions and 2 deletions

View File

@ -362,7 +362,7 @@ org.ehcache:ehcache:3.3.1
org.lz4:lz4-java:1.7.1
org.objenesis:objenesis:2.6
org.xerial.snappy:snappy-java:1.0.5
org.yaml:snakeyaml:1.16:
org.yaml:snakeyaml:1.31:
org.wildfly.openssl:wildfly-openssl:1.0.7.Final

View File

@ -197,7 +197,7 @@
<declared.hadoop.version>${hadoop.version}</declared.hadoop.version>
<swagger-annotations-version>1.5.4</swagger-annotations-version>
<snakeyaml.version>1.26</snakeyaml.version>
<snakeyaml.version>1.31</snakeyaml.version>
<hbase.one.version>1.7.1</hbase.one.version>
<hbase.two.version>2.2.4</hbase.two.version>
<junit.version>4.13.2</junit.version>