hadoop

Author	SHA1	Message	Date
Steve Loughran	5f08e51b72	HADOOP-18561. Update commons-net to 3.9.0 (#5214 ) Addresses CVE-2021-37533, which only relates to FTP. Applications not using the ftp:// filesystem, which, as anyone who has used it will know is very minimal and so rarely used, is not a critical part of the project. Furthermore, the FTP-related issue is at worst information leakage if someone connects to a malicious server. This is a due diligence PR rather than an emergency fix. Contributed by Steve Loughran	2022-12-15 16:45:05 +00:00
Murali Krishna	2e88096266	HADOOP-18538. Upgrade kafka to 2.8.2 (#5164 ) Signed-off-by: Brahma Reddy Battula <brahma@apache.org>	2022-12-06 22:27:46 +05:30
PJ Fanning	e09e81abe4	HADOOP-18496: remove unused okhttp.version (#5140 ). Contributed by PJ Fanning. Signed-off-by: Ayush Saxena <ayushsaxena@apache.org>	2022-11-27 18:59:40 +05:30
PJ Fanning	d340c4a7a1	HADOOP-18496. Upgrade okhttp3 and dependencies due to kotlin CVEs (#5035 ) Updates okhttp3 and okio so their transitive dependency on Kotlin stdlib is free from recent CVEs. okhttp3:okhttp => 4.10.0 okio:okio => 3.2.0 kotlin stdlib => 1.6.20 kotlin CVEs fixed: CVE-2022-24329 CVE-2020-29582 Contributed by PJ Fanning.	2022-11-12 14:14:19 +00:00
Ashutosh Gupta	e62ba16a02	HADOOP-18484. Upgrade hsqldb to v2.7.1 to mitigate CVE-2022-41853 (#4991 )	2022-11-02 08:41:27 +01:00
PJ Fanning	7ba304d1c6	HADOOP-18512: upgrade woodstox-core to 5.4.0 for security fix (#5087 ). Contributed by PJ Fanning. Signed-off-by: Ayush Saxena <ayushsaxena@apache.org>	2022-11-02 00:11:41 +05:30
PJ Fanning	d6a65a4180	HADOOP-18472. Upgrade to snakeyaml 1.33 (#4958 ) Reviewed-by: Dinesh Chitlangia <dineshc@apache.org> Signed-off-by: Akira Ajisaka <aajisaka@apache.org>	2022-10-30 02:30:41 +09:00
Bence Kosztolnik	562b693374	YARN-11356. Upgrade DataTables to 1.11.5 to fix CVEs. Contributed by Bence Kosztolnik.	2022-10-26 22:29:01 +02:00
Hexiaoqiao	babb050fa3	HADOOP-18497. Upgrade commons-text version to fix CVE-2022-42889. (#5037 ). Contributed by PJ Fanning. Co-authored-by: He Xiaoqiao <hexiaoqiao@apache.org> Reviewed-by: Ashutosh Gupta <ashugpt@amazon.com> Signed-off-by: Wei-Chiu Chuang <weichiu@apache.org>	2022-10-18 11:28:56 +08:00
PJ Fanning	4ff6c9b8de	HADOOP-18493: upgrade jackson-databind to 2.12.7.1 (#5011 ). Contributed by PJ Fanning. Signed-off-by: Ayush Saxena <ayushsaxena@apache.org>	2022-10-17 10:03:10 +05:30
slfan1989	3ff8f58f8c	HADOOP-18360. Update commons-csv from 1.0 to 1.9.0. (#4928 ). Contributed by fanshilun. Signed-off-by: Ayush Saxena <ayushsaxena@apache.org>	2022-10-13 12:10:54 +05:30
Ashutosh Gupta	d6b1e1eeb6	HDFS-16777. datatables@1.10.17 sonatype-2020-0988 vulnerability (#5003 )	2022-10-12 14:51:12 -07:00
Steve Loughran	540a660429	HADOOP-18480. Upgrade aws sdk to 1.12.316 (#4972 ) Contributed by Steve Loughran	2022-10-10 10:23:50 +01:00
PJ Fanning	5eddec8c46	HADOOP-18468: Upgrade jettison to 1.5.1 to fix CVE-2022-40149 (#4937 ) Contributed by PJ Fanning	2022-10-07 15:44:01 +01:00
Ashutosh Gupta	7923cac86b	HADOOP-18443. Upgrade snakeyaml to 1.32 (#4906 ) Co-authored-by: Ashutosh Gupta <ashugpt@amazon.com> Reviewed-by: Inigo Goiri <inigoiri@apache.org> Signed-off-by: Akira Ajisaka <aajisaka@apache.org>	2022-09-25 23:49:48 +09:00
PJ Fanning	e6d2c336cb	HADOOP-18341: upgrade commons-configuration2 to 2.8.0 and commons-text to 1.9 (#4578 ) Reviewed-by: Ashutosh Gupta <ashugpt@amazon.com> Signed-off-by: Takanobu Asanuma <tasanuma@apache.org>	2022-09-22 09:45:20 +09:00
slfan1989	4d9bb81b16	HADOOP-18451. Update hsqldb.version from 2.3.4 to 2.5.2. (#4880 )	2022-09-20 11:10:51 -07:00
Colm O hEigeartaigh	272844ee57	HADOOP-15072 - Update Apache Kerby to 2.0.2 (#4473 )	2022-09-15 00:43:25 +08:00
Ashutosh Gupta	832d0e0d76	HADOOP-18443. Upgrade snakeyaml to 1.31 to mitigate CVE-2022-25857 (#4856 ) Co-authored-by: Ashutosh Gupta <ashugpt@amazon.com> Signed-off-by: Brahma Reddy Battula <brahma@apache.org>	2022-09-08 19:58:38 +05:30
slfan1989	052d7f286e	HADOOP-18361. Update commons-net from 3.6 to 3.8.0. (#4683 ). Contributed by fanshilun. Signed-off-by: Ayush Saxena <ayushsaxena@apache.org>	2022-08-24 20:05:17 +05:30
slfan1989	13fbfd5dea	HADOOP-18358. Update commons-math3 from 3.1.1 to 3.6.1. (#4619 ). Contributed by fanshilun. Signed-off-by: Ayush Saxena <ayushsaxena@apache.org>	2022-08-02 01:48:47 +05:30
Steve Loughran	95a85875d0	HADOOP-18344. (followup) AWS SDK 1.12.262: update LICENSE-binary Update LICENSE-binary with the new AWS SDK version. Followup to #4637. Contributed by Steve Loughran	2022-07-28 11:37:28 +01:00
Ashutosh Gupta	e664f81ce7	HADOOP-18333.Upgrade jetty version to 9.4.48.v20220622 (#4553 ) Co-authored-by: Ashutosh Gupta <ashugpt@amazon.com>	2022-07-21 00:15:39 +08:00
Wei-Chiu Chuang	a55ace7bc0	HADOOP-18079. Upgrade Netty to 4.1.77. (#3977 ) Upgrade netty to address CVE-2019-20444, CVE-2019-20445 CVE-2022-24823 Contributed by Wei-Chiu Chuang	2022-07-18 10:41:00 +01:00
PJ Fanning	34e548cb62	HADOOP-18332: remove rs-api dependency as it conflicts with jsr311-api (#4547 ) This downgrades jackson from the version switched to in HADOOP-18033 (2.13.0), to Jackson 2.12.7. This removes the dependency on javax.ws.rs-api, so avoiding runtime problems with applications using jersey-core v1 and/or jsr311-api. The 2.12.7 release still contains the fix for CVE-2020-36518. Contributed by PJ Fanning	2022-07-17 21:37:54 +05:30
Murali Krishna	2835174a4c	HDFS-16652. Upgrade jquery datatable version references to v1.10.19 (#4562 )	2022-07-14 18:27:07 +05:30
Igor Dvorzhak	77d1b194c7	HADOOP-18300. Upgrade Gson dependency to version 2.9.0 (#4454 ) Reviewed-by: Ayush Saxena <ayushsaxena@apache.org> Signed-off-by: Chris Nauroth <cnauroth@apache.org>	2022-06-22 16:37:22 -07:00
Ashutosh Gupta	fb910bd906	HDFS-16453. Upgrade okhttp from 2.7.5 to 4.9.3 (#4229 ) Co-authored-by: Ashutosh Gupta <ashugpt@amazon.com> Signed-off-by: Akira Ajisaka <aajisaka@apache.org>	2022-05-21 02:53:14 +09:00
PJ Fanning	63187083cc	HADOOP-15983. Use jersey-json that is built to use jackson2 (#3988 ) Signed-off-by: Akira Ajisaka <aajisaka@apache.org>	2022-04-28 14:18:19 +09:00
PJ Fanning	4b786c797a	HADOOP-18178. Upgrade jackson to 2.13.2 and jackson-databind to 2.13.2.2 (#4111 ) Signed-off-by: Akira Ajisaka <aajisaka@apache.org>	2022-04-07 16:19:36 +09:00
PJ Fanning	61e809b245	HADOOP-13386. Upgrade Avro to 1.9.2 (#3990 ) Signed-off-by: Akira Ajisaka <aajisaka@apache.org>	2022-03-26 20:31:16 +09:00
PJ Fanning	da5a774018	HADOOP-17563. Upgrade BouncyCastle to 1.68 (#3980 ) Contributed by PJ Fanning	2022-03-07 22:21:10 +00:00
Wei-Chiu Chuang	007c2011ef	YARN-11068. Update transitive log4j2 dependency to 2.17.1 (#3963 ) Signed-off-by: Akira Ajisaka <aajisaka@apache.org>	2022-02-21 13:33:38 +09:00
Aswin Shakil Balasubramanian	41c86b6464	HADOOP-18101. Bump aliyun-sdk-oss to 3.13.2 and jdom2 to 2.0.6.1 (#3951 )	2022-02-03 15:50:38 -08:00
Akira Ajisaka	02f6bad1ff	Revert "YARN-11068. Exclude transitive log4j2 dependency coming from solr 8. (#3936 )" This reverts commit `1c01944f35`.	2022-01-28 00:36:25 +09:00
Wei-Chiu Chuang	1c01944f35	YARN-11068. Exclude transitive log4j2 dependency coming from solr 8. (#3936 ) Signed-off-by: Akira Ajisaka <aajisaka@apache.org>	2022-01-28 00:04:01 +09:00
luoyuan3471	e2d620192a	HADOOP-18044. Hadoop - Upgrade to jQuery 3.6.0 (#3791 ) Co-authored-by: luoyuan <luoyuan@shopee.com>	2022-01-12 11:40:32 +08:00
Wei-Chiu Chuang	bdec546671	Revert "HDFS-16384. Upgrade Netty to 4.1.72.Final (#3798 )" This reverts commit `a4557f9ed9`.	2021-12-16 21:27:08 +08:00
Tamás Pénzes	a4557f9ed9	HDFS-16384. Upgrade Netty to 4.1.72.Final (#3798 )	2021-12-16 12:38:42 +08:00
better3471	a03579e9b5	HADOOP-18042. Fix jetty version in LICENSE-binary (#3783 ) Signed-off-by: Akira Ajisaka <aajisaka@apache.org>	2021-12-13 10:45:47 +09:00
Viraj Jasani	53edd0de5a	HADOOP-18033. Upgrade fasterxml Jackson to 2.13.0 (#3749 ) Signed-off-by: Akira Ajisaka <aajisaka@apache.org>	2021-12-08 16:52:22 +09:00
Viraj Jasani	b34dcb5b3a	HADOOP-18025. Upgrade HBase version to 1.7.1 for hbase1 profile (#3722 )	2021-12-02 10:40:30 +08:00
Renukaprasad C	b923fa7a1c	HADOOP-17946. Upgrade commons-lang to 3.12.0 (#3575 )	2021-10-26 09:16:50 +08:00
Takanobu Asanuma	2068b0041c	HADOOP-17940. Upgrade Kafka to 2.8.1 (#3488 ) Reviewed-by: Masatake Iwasaki <iwasakims@apache.org>	2021-09-28 13:21:55 +09:00
Siyao Meng	3aaac8a1f6	HADOOP-17834. Bump aliyun-sdk-oss to 3.13.0 (#3261 ) Change-Id: I335d4a2cb08c75dc24ef36bdfab51111f87e0762 Signed-off-by: Akira Ajisaka <aajisaka@apache.org>	2021-08-14 21:19:10 +09:00
Renukaprasad C	b90389ae98	HADOOP-17844. Upgrade JSON smart to 2.4.7 (#3299 ) Signed-off-by: Akira Ajisaka <aajisaka@apache.org>	2021-08-14 19:55:32 +09:00
Akira Ajisaka	3565c9477d	HADOOP-17370. Upgrade commons-compress to 1.21 (#3274 )	2021-08-08 11:23:28 +09:00
Viraj Jasani	ccfa072dc7	HADOOP-17612. Upgrade Zookeeper to 3.6.3 and Curator to 5.2.0 (#3241 ) Signed-off-by: Akira Ajisaka <aajisaka@apache.org>	2021-08-03 14:44:00 +09:00
Viraj Jasani	d0ee065cc4	HADOOP-16272. Upgrade HikariCP to 4.0.3 (#3204 ) Signed-off-by: Akira Ajisaka <aajisaka@apache.org>	2021-07-16 12:17:17 +09:00
Ahmed Hussein	581f43dce1	HADOOP-17769. Upgrade JUnit to 4.13.2. fixes TestBlockRecovery (#3130 ). Contributed by Ahmed Hussein. Signed-off-by: Ayush Saxena <ayushsaxena@apache.org>	2021-06-24 17:57:52 +05:30

1 2

64 Commits