Home Explore Help
Register Sign In
apache
/
hadoop
mirror of https://github.com/apache/hadoop.git
2
0
Fork 1
Files Issues 0 Wiki
Browse Source

HADOOP-18782. Upgrade to snappy-java 1.1.10.1 due to CVEs (#5773)

Addresses CVE-2023-34454

Contributed by PJ Fanning
PJ Fanning 2 years ago
parent
21d9c4727c
commit
56ef05a9ca
2 changed files with 2 additions and 2 deletions
Split View Show Diff Stats
  1. 1 1
      LICENSE-binary
  2. 1 1
      hadoop-project/pom.xml

+ 1 - 1
LICENSE-binary
View File 

@@ -361,7 +361,7 @@ org.jetbrains.kotlin:kotlin-stdlib:1.4.10
 
 org.jetbrains.kotlin:kotlin-stdlib-common:1.4.10
 
 org.lz4:lz4-java:1.7.1
 
 org.objenesis:objenesis:2.6
 
-org.xerial.snappy:snappy-java:1.0.5
 
+org.xerial.snappy:snappy-java:1.1.10.1
 
 org.yaml:snakeyaml:2.0
 
 org.wildfly.openssl:wildfly-openssl:1.1.3.Final

+ 1 - 1
hadoop-project/pom.xml
View File 

@@ -140,7 +140,7 @@
 
     <gson.version>2.9.0</gson.version>
 
     <metrics.version>3.2.4</metrics.version>
 
     <netty4.version>4.1.89.Final</netty4.version>
 
-    <snappy-java.version>1.1.8.2</snappy-java.version>
 
+    <snappy-java.version>1.1.10.1</snappy-java.version>
 
     <lz4-java.version>1.7.1</lz4-java.version>
 
 
     <!-- Maven protoc compiler -->