This is an automated email from the ASF dual-hosted git repository. arawat pushed a commit to branch master in repository https://gitbox.apache.org/repos/asf/impala.git
commit 010f1b943c57178b26b86361cefe5a4f4273714d Author: wzhou-code <[email protected]> AuthorDate: Tue Oct 4 12:33:30 2022 -0700 IMPALA-11639: Upgrade Spring framework to 5.3.20 This patch upgrade the Spring framework to 5.3.20 to address multiple CVEs: - CVE-2022-22971 - CVE-2022-22968 - CVE-2022-22970 Testing: - Ran core job - Ran custom cluster tests in exhaustive mode Change-Id: I33f4f1d22fc27227e31d744658a17c16b61b9677 Reviewed-on: http://gerrit.cloudera.org:8080/19091 Reviewed-by: Joe McDonnell <[email protected]> Tested-by: Impala Public Jenkins <[email protected]> --- java/pom.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/java/pom.xml b/java/pom.xml index 5e0e6356a..d3d49ff91 100644 --- a/java/pom.xml +++ b/java/pom.xml @@ -74,7 +74,7 @@ under the License. but bcprov-jdk15on matches the versions from pac4j 4.5.5. --> <xmlsec.version>2.2.3</xmlsec.version> <bcprov-jdk15on.version>1.68</bcprov-jdk15on.version> - <springframework.version>5.3.18</springframework.version> + <springframework.version>5.3.20</springframework.version> <json-smart.version>2.4.7</json-smart.version> </properties>
