HADOOP-18587: upgrade to jettison 1.5.3 due to cve (#5270)

Signed-off-by: Chris Nauroth <cnauroth@apache.org> (cherry picked from commit b9eb760ed2)
2023-01-07 00:35:50 +01:00 · 2023-01-07 00:35:50 +01:00 · f856611121
commit f856611121
parent f63f20259b
2 changed files with 2 additions and 2 deletions
--- a/2
+++ b/2
@ -345,7 +345,7 @@ org.apache.kerby:kerby-util:1.0.1
 org.apache.kerby:kerby-xdr:1.0.1
 org.apache.kerby:token-provider:1.0.1
 org.apache.yetus:audience-annotations:0.5.0
-org.codehaus.jettison:jettison:1.5.1
+org.codehaus.jettison:jettison:1.5.3
 org.eclipse.jetty:jetty-annotations:9.4.48.v20220622
 org.eclipse.jetty:jetty-http:9.4.48.v20220622
 org.eclipse.jetty:jetty-io:9.4.48.v20220622
--- a/hadoop-project/pom.xml
+++ b/hadoop-project/pom.xml
@ -1505,7 +1505,7 @@
      <dependency>
        <groupId>org.codehaus.jettison</groupId>
        <artifactId>jettison</artifactId>
-        <version>1.5.1</version>
+        <version>1.5.3</version>
        <exclusions>
          <exclusion>
            <groupId>stax</groupId>