HADOOP-17236. Bump up snakeyaml to 1.26 to mitigate CVE-2017-18640. Contributed by Brahma Reddy Battula.

Signed-off-by: Wei-Chiu Chuang <weichiu@apache.org>
This commit is contained in:
Brahma Reddy Battula 2020-10-28 09:26:52 -07:00 committed by Wei-Chiu Chuang
parent b3ba74d72d
commit eb84793af1

View File

@ -199,7 +199,7 @@
<declared.hadoop.version>${hadoop.version}</declared.hadoop.version> <declared.hadoop.version>${hadoop.version}</declared.hadoop.version>
<swagger-annotations-version>1.5.4</swagger-annotations-version> <swagger-annotations-version>1.5.4</swagger-annotations-version>
<snakeyaml.version>1.16</snakeyaml.version> <snakeyaml.version>1.26</snakeyaml.version>
<hbase.one.version>1.4.8</hbase.one.version> <hbase.one.version>1.4.8</hbase.one.version>
<hbase.two.version>2.0.2</hbase.two.version> <hbase.two.version>2.0.2</hbase.two.version>
<junit.version>4.12</junit.version> <junit.version>4.12</junit.version>