Skip to content

Commit ad6fc5a

Browse files
author
ahmad.nouri
committed
HDFS toolkit v5.3.3 Vulnerabilities fixed
1 parent 1c94674 commit ad6fc5a

File tree

3 files changed

+53
-42
lines changed

3 files changed

+53
-42
lines changed

com.ibm.streamsx.hdfs/CHANGELOG.md

Lines changed: 6 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -1,6 +1,12 @@
11
# Changes
22
=======
33

4+
## v5.3.3:
5+
* [#133}fix Vulnerabilities in 3rd party jar libraries)
6+
7+
## v5.3.2:
8+
* [#133](https://github.com/IBMStreams/streamsx.hdfs/issues/140) slf4j jars updated (fix the log4j issue)
9+
410
## v5.3.2:
511
* [#133](https://github.com/IBMStreams/streamsx.hdfs/issues/140) slf4j jars updated (fix the log4j issue)
612

com.ibm.streamsx.hdfs/info.xml

Lines changed: 5 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -207,9 +207,13 @@ The 'tempFile' parameter specifies the name of the file that the operator writes
207207

208208
* pom.xml updated to use slf4j libraries version 1.7.36
209209

210+
++ What is new in version 5.3.3
211+
212+
* pom.xml updated to use the latest apache libraries
213+
210214

211215
</description>
212-
<version>5.3.2</version>
216+
<version>5.3.3</version>
213217
<requiredProductVersion>4.2.0.0</requiredProductVersion>
214218
</identity>
215219
<dependencies/>

com.ibm.streamsx.hdfs/pom.xml

Lines changed: 42 additions & 41 deletions
Original file line numberDiff line numberDiff line change
@@ -8,7 +8,7 @@
88
<groupId>com.ibm.streamsx.hdfs</groupId>
99
<artifactId>streamsx.hdfs</artifactId>
1010
<packaging>jar</packaging>
11-
<version>5.3.2</version>
11+
<version>5.3.3</version>
1212
<name>com.ibm.streamsx.hdfs</name>
1313
<repositories>
1414
<repository>
@@ -23,7 +23,7 @@
2323
<dependency>
2424
<groupId>commons-cli</groupId>
2525
<artifactId>commons-cli</artifactId>
26-
<version>1.4</version>
26+
<version>1.5.0</version>
2727
<exclusions>
2828
<exclusion>
2929
<groupId>*</groupId>
@@ -35,7 +35,7 @@
3535
<dependency>
3636
<groupId>commons-codec</groupId>
3737
<artifactId>commons-codec</artifactId>
38-
<version>1.15</version>
38+
<version>1.16.0</version>
3939
<exclusions>
4040
<exclusion>
4141
<groupId>*</groupId>
@@ -59,7 +59,7 @@
5959
<dependency>
6060
<groupId>org.apache.commons</groupId>
6161
<artifactId>commons-configuration2</artifactId>
62-
<version>2.7</version>
62+
<version>2.9.0</version>
6363
<exclusions>
6464
<exclusion>
6565
<groupId>*</groupId>
@@ -72,7 +72,7 @@
7272
<dependency>
7373
<groupId>commons-io</groupId>
7474
<artifactId>commons-io</artifactId>
75-
<version>2.7</version>
75+
<version>2.13.0</version>
7676
<exclusions>
7777
<exclusion>
7878
<groupId>*</groupId>
@@ -96,7 +96,7 @@
9696
<dependency>
9797
<groupId>org.apache.commons</groupId>
9898
<artifactId>commons-lang3</artifactId>
99-
<version>3.9</version>
99+
<version>3.13.0</version>
100100
<exclusions>
101101
<exclusion>
102102
<groupId>*</groupId>
@@ -109,20 +109,21 @@
109109
<groupId>commons-logging</groupId>
110110
<artifactId>commons-logging</artifactId>
111111
<version>1.2</version>
112-
<exclusions>
113-
<exclusion>
114-
<groupId>*</groupId>
115-
<artifactId>*</artifactId>
116-
</exclusion>
117-
</exclusions>
118-
</dependency>
119112

120113

114+
<exclusions>
115+
<exclusion>
116+
<groupId>*</groupId>
117+
<artifactId>*</artifactId>
118+
</exclusion>
119+
</exclusions>
120+
</dependency>
121+
121122

122123
<dependency>
123124
<groupId>com.google.guava</groupId>
124125
<artifactId>guava</artifactId>
125-
<version>30.0-jre</version>
126+
<version>32.1.2-jre</version>
126127
<exclusions>
127128
<exclusion>
128129
<groupId>*</groupId>
@@ -206,7 +207,7 @@
206207
<dependency>
207208
<groupId>org.apache.httpcomponents</groupId>
208209
<artifactId>httpcore</artifactId>
209-
<version>4.4.13</version>
210+
<version>4.4.16</version>
210211
<exclusions>
211212
<exclusion>
212213
<groupId>*</groupId>
@@ -218,7 +219,7 @@
218219
<dependency>
219220
<groupId>com.fasterxml.jackson.core</groupId>
220221
<artifactId>jackson-core</artifactId>
221-
<version>2.11.2</version>
222+
<version>2.15.2</version>
222223
<exclusions>
223224
<exclusion>
224225
<groupId>*</groupId>
@@ -230,7 +231,7 @@
230231
<dependency>
231232
<groupId>com.fasterxml.jackson.core</groupId>
232233
<artifactId>jackson-annotations</artifactId>
233-
<version>2.11.2</version>
234+
<version>2.15.2</version>
234235
<exclusions>
235236
<exclusion>
236237
<groupId>*</groupId>
@@ -242,7 +243,7 @@
242243
<dependency>
243244
<groupId>com.fasterxml.jackson.core</groupId>
244245
<artifactId>jackson-databind</artifactId>
245-
<version>2.11.2</version>
246+
<version>2.15.2</version>
246247
<exclusions>
247248
<exclusion>
248249
<groupId>*</groupId>
@@ -291,7 +292,7 @@
291292
<dependency>
292293
<groupId>com.google.protobuf</groupId>
293294
<artifactId>protobuf-java</artifactId>
294-
<version>3.13.0</version>
295+
<version>3.24.3</version>
295296
<exclusions>
296297
<exclusion>
297298
<groupId>*</groupId>
@@ -303,7 +304,7 @@
303304
<dependency>
304305
<groupId>com.google.re2j</groupId>
305306
<artifactId>re2j</artifactId>
306-
<version>1.4</version>
307+
<version>1.7</version>
307308
<exclusions>
308309
<exclusion>
309310
<groupId>*</groupId>
@@ -317,19 +318,19 @@
317318
<artifactId>javax.servlet-api</artifactId>
318319
<version>4.0.1</version>
319320
<scope>provided</scope>
320-
<exclusions>
321-
<exclusion>
322-
<groupId>*</groupId>
323-
<artifactId>*</artifactId>
324-
</exclusion>
325-
</exclusions>
321+
<exclusions>
322+
<exclusion>
323+
<groupId>*</groupId>
324+
<artifactId>*</artifactId>
325+
</exclusion>
326+
</exclusions>
326327
</dependency>
327328

328329

329330
<dependency>
330331
<groupId>org.slf4j</groupId>
331332
<artifactId>slf4j-api</artifactId>
332-
<version>1.7.36</version>
333+
<version>2.0.9</version>
333334
<exclusions>
334335
<exclusion>
335336
<groupId>*</groupId>
@@ -341,7 +342,7 @@
341342
<dependency>
342343
<groupId>org.slf4j</groupId>
343344
<artifactId>slf4j-log4j12</artifactId>
344-
<version>1.7.36</version>
345+
<version>2.0.9</version>
345346
<exclusions>
346347
<exclusion>
347348
<groupId>*</groupId>
@@ -365,7 +366,7 @@
365366
<dependency>
366367
<groupId>com.fasterxml.woodstox</groupId>
367368
<artifactId>woodstox-core</artifactId>
368-
<version>6.2.1</version>
369+
<version>6.5.1</version>
369370
<exclusions>
370371
<exclusion>
371372
<groupId>*</groupId>
@@ -378,7 +379,7 @@
378379
<dependency>
379380
<groupId>org.apache.commons</groupId>
380381
<artifactId>commons-compress</artifactId>
381-
<version>1.20</version>
382+
<version>1.24.0</version>
382383
<exclusions>
383384
<exclusion>
384385
<groupId>*</groupId>
@@ -387,17 +388,17 @@
387388
</exclusions>
388389
</dependency>
389390

390-
<dependency>
391-
<groupId>org.apache.hadoop.thirdparty</groupId>
392-
<artifactId>hadoop-shaded-protobuf_3_7</artifactId>
393-
<version>1.0.0</version>
394-
<exclusions>
395-
<exclusion>
396-
<groupId>*</groupId>
397-
<artifactId>*</artifactId>
398-
</exclusion>
399-
</exclusions>
400-
</dependency>
391+
<dependency>
392+
<groupId>org.apache.hadoop.thirdparty</groupId>
393+
<artifactId>hadoop-shaded-protobuf_3_7</artifactId>
394+
<version>1.0.0</version>
395+
<exclusions>
396+
<exclusion>
397+
<groupId>*</groupId>
398+
<artifactId>*</artifactId>
399+
</exclusion>
400+
</exclusions>
401+
</dependency>
401402

402403

403404
</dependencies>

0 commit comments

Comments
 (0)