首頁 探索 說明
註冊 登入
apache
/
hadoop
镜像来自 https://github.com/apache/hadoop.git
2
0
複刻 1
Files 問題管理 0 Wiki
瀏覽代碼

HADOOP-18676. jettison dependency override in hadoop-common lib (#5513)

Andras Katona 2 年之前
父節點
b82bcbd8ad
當前提交
ee01c64c6c
共有 2 個文件被更改,包括 24 次插入0 次删除
分割檢視 顯示文件統計
  1. 16 0
      hadoop-client-modules/hadoop-client/pom.xml
  2. 8 0
      hadoop-common-project/hadoop-common/pom.xml

+ 16 - 0
hadoop-client-modules/hadoop-client/pom.xml
查看文件 

@@ -69,6 +69,10 @@
 
           <groupId>com.github.pjfanning</groupId>
 
           <artifactId>jersey-json</artifactId>
 
         </exclusion>
 
+        <exclusion>
 
+          <groupId>org.codehaus.jettison</groupId>
 
+          <artifactId>jettison</artifactId>
 
+        </exclusion>
 
         <exclusion>
 
           <groupId>com.sun.jersey</groupId>
 
           <artifactId>jersey-server</artifactId>
 
@@ -182,6 +186,10 @@
 
           <groupId>com.github.pjfanning</groupId>
 
           <artifactId>jersey-json</artifactId>
 
         </exclusion>
 
+        <exclusion>
 
+          <groupId>org.codehaus.jettison</groupId>
 
+          <artifactId>jettison</artifactId>
 
+        </exclusion>
 
         <exclusion>
 
           <groupId>io.netty</groupId>
 
           <artifactId>netty</artifactId>
 
@@ -233,6 +241,10 @@
 
           <groupId>com.github.pjfanning</groupId>
 
           <artifactId>jersey-json</artifactId>
 
         </exclusion>
 
+        <exclusion>
 
+          <groupId>org.codehaus.jettison</groupId>
 
+          <artifactId>jettison</artifactId>
 
+        </exclusion>
 
         <exclusion>
 
           <groupId>com.sun.jersey</groupId>
 
           <artifactId>jersey-servlet</artifactId>
 
@@ -290,6 +302,10 @@
 
           <groupId>com.github.pjfanning</groupId>
 
           <artifactId>jersey-json</artifactId>
 
         </exclusion>
 
+        <exclusion>
 
+          <groupId>org.codehaus.jettison</groupId>
 
+          <artifactId>jettison</artifactId>
 
+        </exclusion>
 
         <exclusion>
 
           <groupId>io.netty</groupId>
 
           <artifactId>netty</artifactId>

+ 8 - 0
hadoop-common-project/hadoop-common/pom.xml
查看文件 

@@ -175,6 +175,14 @@
 
         </exclusion>
 
       </exclusions>
 
     </dependency>
 
+    <dependency>
 
+      <!--
 
+      adding jettison as direct dependency (as jersey-json's jettison dependency is vulnerable with verison 1.1),
 
+      so those who depends on hadoop-common externally will get the non-vulnerable jettison
 
+      -->
 
+      <groupId>org.codehaus.jettison</groupId>
 
+      <artifactId>jettison</artifactId>
 
+    </dependency>
 
     <dependency>
 
       <groupId>com.sun.jersey</groupId>
 
       <artifactId>jersey-server</artifactId>