首頁 探索 說明
註冊 登入
apache
/
zookeeper
镜像来自 https://gitee.com/apache/zookeeper.git
2
0
複刻 0
Files 問題管理 0 Wiki
瀏覽代碼

ZOOKEEPER-4751: Update snappy-java to 1.1.10.5 to address CVE-2023-43642

snappy-java 1.1.10.1 contains CVE-2023-43642 . Upgrade the dependency to 1.1.10.5 to get rid of the CVE.

see https://issues.apache.org/jira/browse/ZOOKEEPER-4751

Author: Lari Hotari <lari@hotari.net>

Reviewers: Andor Molnar <andor@apache.org>, Damien Diederen <ddiederen@apache.org>

Closes #2072 from lhotari/ZOOKEEPER-4751
Lari Hotari 1 年之前
父節點
e2070bed85
當前提交
35a9441f31
共有 2 個文件被更改,包括 1 次插入1 次删除
分割檢視 顯示文件統計
  1. 1 1
      pom.xml
  2. 0 0
      zookeeper-server/src/main/resources/lib/snappy-java-1.1.10.5.jar_LICENSE.txt

+ 1 - 1
pom.xml
查看文件 

@@ -563,7 +563,7 @@
 
     <jetty.version>9.4.51.v20230217</jetty.version>
 
     <jackson.version>2.15.2</jackson.version>
 
     <jline.version>2.14.6</jline.version>
 
-    <snappy.version>1.1.10.1</snappy.version>
 
+    <snappy.version>1.1.10.5</snappy.version>
 
     <kerby.version>2.0.0</kerby.version>
 
     <bouncycastle.version>1.75</bouncycastle.version>
 
     <commons-collections.version>4.4</commons-collections.version>

+ 0 - 0
zookeeper-server/src/main/resources/lib/snappy-java-1.1.10.1.jar_LICENSE.txt → zookeeper-server/src/main/resources/lib/snappy-java-1.1.10.5.jar_LICENSE.txt
查看文件