Skip to content

Commit

Permalink
[fix][security] Upgrade Guava to 32.0.0 to address CVE-2023-2976
Browse files Browse the repository at this point in the history
  • Loading branch information
lhotari committed Jun 1, 2023
1 parent 5e6e6ce commit 0513fd9
Show file tree
Hide file tree
Showing 6 changed files with 6 additions and 6 deletions.
2 changes: 1 addition & 1 deletion buildtools/pom.xml
Original file line number Diff line number Diff line change
Expand Up @@ -49,7 +49,7 @@
<maven-checkstyle-plugin.version>3.1.2</maven-checkstyle-plugin.version>
<netty.version>4.1.93.Final</netty.version>
<guice.version>4.2.3</guice.version>
<guava.version>31.0.1-jre</guava.version>
<guava.version>32.0.0-jre</guava.version>
<ant.version>1.10.12</ant.version>
<snakeyaml.version>2.0</snakeyaml.version>
<mockito.version>3.12.4</mockito.version>
Expand Down
2 changes: 1 addition & 1 deletion distribution/server/src/assemble/LICENSE.bin.txt
Original file line number Diff line number Diff line change
Expand Up @@ -265,7 +265,7 @@ The Apache Software License, Version 2.0
- com.google.code.gson-gson-2.8.9.jar
- io.gsonfire-gson-fire-1.8.5.jar
* Guava
- com.google.guava-guava-31.0.1-jre.jar
- com.google.guava-guava-32.0.0-jre.jar
- com.google.guava-failureaccess-1.0.1.jar
- com.google.guava-listenablefuture-9999.0-empty-to-avoid-conflict-with-guava.jar
* J2ObjC Annotations -- com.google.j2objc-j2objc-annotations-1.3.jar
Expand Down
2 changes: 1 addition & 1 deletion distribution/shell/src/assemble/LICENSE.bin.txt
Original file line number Diff line number Diff line change
Expand Up @@ -326,7 +326,7 @@ The Apache Software License, Version 2.0
* Gson
- gson-2.8.9.jar
* Guava
- guava-31.0.1-jre.jar
- guava-32.0.0-jre.jar
- failureaccess-1.0.1.jar
- listenablefuture-9999.0-empty-to-avoid-conflict-with-guava.jar
* J2ObjC Annotations -- j2objc-annotations-1.3.jar
Expand Down
2 changes: 1 addition & 1 deletion pom.xml
Original file line number Diff line number Diff line change
Expand Up @@ -202,7 +202,7 @@ flexible messaging model and an intuitive client API.</description>
<hadoop2.version>2.10.2</hadoop2.version>
<hadoop3.version>3.3.5</hadoop3.version>
<hbase.version>2.4.16</hbase.version>
<guava.version>31.0.1-jre</guava.version>
<guava.version>32.0.0-jre</guava.version>
<jcip.version>1.0</jcip.version>
<prometheus-jmx.version>0.16.1</prometheus-jmx.version>
<confluent.version>6.2.8</confluent.version>
Expand Down
2 changes: 1 addition & 1 deletion pulsar-sql/presto-distribution/LICENSE
Original file line number Diff line number Diff line change
Expand Up @@ -221,7 +221,7 @@ The Apache Software License, Version 2.0
- jackson-module-jaxb-annotations-2.14.2.jar
- jackson-module-jsonSchema-2.14.2.jar
* Guava
- guava-31.0.1-jre.jar
- guava-32.0.0-jre.jar
- listenablefuture-9999.0-empty-to-avoid-conflict-with-guava.jar
- failureaccess-1.0.1.jar
* Google Guice
Expand Down
2 changes: 1 addition & 1 deletion pulsar-sql/presto-distribution/pom.xml
Original file line number Diff line number Diff line change
Expand Up @@ -37,7 +37,7 @@
<objenesis.version>2.6</objenesis.version>
<objectsize.version>0.0.12</objectsize.version>
<maven.version>3.0.5</maven.version>
<guava.version>31.0.1-jre</guava.version>
<guava.version>32.0.0-jre</guava.version>
<asynchttpclient.version>2.12.1</asynchttpclient.version>
<errorprone.version>2.5.1</errorprone.version>
<javax.servlet-api>4.0.1</javax.servlet-api>
Expand Down

0 comments on commit 0513fd9

Please sign in to comment.