This is an automated email from the ASF dual-hosted git repository.
dockerzhang pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/inlong.git
The following commit(s) were added to refs/heads/master by this push:
new 95bca0bb4 [INLONG-5643][DataProxy] Upgrade flume to 1.10.0 to fix
security vulnerability issue (#7208)
95bca0bb4 is described below
commit 95bca0bb4c247437a8ee29873795cd9b54f22e57
Author: woofyzhao <zhaozixuan1...@gmail.com>
AuthorDate: Wed Jan 11 10:57:28 2023 +0800
[INLONG-5643][DataProxy] Upgrade flume to 1.10.0 to fix security
vulnerability issue (#7208)
---
inlong-sdk/dataproxy-sdk/pom.xml | 5 +++++
inlong-tubemq/tubemq-server/pom.xml | 4 ++++
licenses/inlong-dataproxy/LICENSE | 22 +++++++++++-----------
pom.xml | 3 ++-
4 files changed, 22 insertions(+), 12 deletions(-)
diff --git a/inlong-sdk/dataproxy-sdk/pom.xml b/inlong-sdk/dataproxy-sdk/pom.xml
index fa1980b5a..6f7424c1c 100644
--- a/inlong-sdk/dataproxy-sdk/pom.xml
+++ b/inlong-sdk/dataproxy-sdk/pom.xml
@@ -39,6 +39,11 @@
<groupId>commons-codec</groupId>
<artifactId>commons-codec</artifactId>
</dependency>
+ <dependency>
+ <groupId>io.netty</groupId>
+ <artifactId>netty</artifactId>
+ <version>${jboss.netty.version}</version>
+ </dependency>
<dependency>
<groupId>io.netty</groupId>
<artifactId>netty-transport</artifactId>
diff --git a/inlong-tubemq/tubemq-server/pom.xml
b/inlong-tubemq/tubemq-server/pom.xml
index dfe978e60..636f62a11 100644
--- a/inlong-tubemq/tubemq-server/pom.xml
+++ b/inlong-tubemq/tubemq-server/pom.xml
@@ -54,6 +54,10 @@
<groupId>org.slf4j</groupId>
<artifactId>slf4j-simple</artifactId>
</exclusion>
+ <exclusion>
+ <groupId>org.apache.tomcat.embed</groupId>
+ <artifactId>tomcat-embed-core</artifactId>
+ </exclusion>
</exclusions>
</dependency>
<dependency>
diff --git a/licenses/inlong-dataproxy/LICENSE
b/licenses/inlong-dataproxy/LICENSE
index 038715479..b4391af43 100644
--- a/licenses/inlong-dataproxy/LICENSE
+++ b/licenses/inlong-dataproxy/LICENSE
@@ -362,17 +362,17 @@ The text of each license is the standard Apache 2.0
license.
com.google.errorprone:error_prone_annotations:2.7.1 - error-prone
annotations (https://github.com/google/error-prone), (Apache 2.0)
com.google.guava:failureaccess:1.0.1 - Guava InternalFutureFailureAccess and
InternalFutures (https://github.com/google/guava/tree/failureaccess-v1.0.1),
(The Apache Software License, Version 2.0)
com.alibaba:fastjson:1.2.83 - fastjson
(https://github.com/alibaba/fastjson), (Apache 2)
- org.apache.flume.flume-ng-channels:flume-file-channel:1.9.0 - Flume NG
file-based channel
(https://github.com/apache/flume/tree/flume-1.9/flume-ng-channels/flume-file-channel),
(The Apache Software License, Version 2.0)
- org.apache.flume.flume-ng-sinks:flume-hdfs-sink:1.9.0 - Flume NG HDFS Sink
(https://github.com/apache/flume/tree/flume-1.9/flume-ng-sinks/flume-hdfs-sink),
(The Apache Software License, Version 2.0)
- org.apache.flume.flume-ng-sinks:flume-irc-sink:1.9.0 - Flume NG IRC Sink
(https://github.com/apache/flume/tree/flume-1.9/flume-ng-sinks/flume-irc-sink),
(The Apache Software License, Version 2.0)
- org.apache.flume.flume-ng-channels:flume-jdbc-channel:1.9.0 - Flume NG JDBC
channel
(https://github.com/apache/flume/tree/flume-1.9/flume-ng-channels/flume-jdbc-channel),
(The Apache Software License, Version 2.0)
- org.apache.flume:flume-ng-auth:1.9.0 - Flume Auth
(https://github.com/apache/flume/tree/flume-1.9/flume-ng-auth), (The Apache
Software License, Version 2.0)
- org.apache.flume.flume-ng-configfilters:flume-ng-config-filter-api:1.9.0 -
Flume NG Config Filters API
(https://github.com/apache/flume/tree/flume-1.9/flume-ng-configfilters/flume-ng-config-filter-api),
(The Apache Software License, Version 2.0)
- org.apache.flume:flume-ng-configuration:1.9.0 - Flume NG Configuration
(https://github.com/apache/flume/tree/flume-1.9/flume-ng-configuration), (The
Apache Software License, Version 2.0)
- org.apache.flume:flume-ng-core:1.9.0 - Flume NG Core
(https://github.com/apache/flume/tree/flume-1.9/flume-ng-core), (The Apache
Software License, Version 2.0)
- org.apache.flume:flume-ng-node:1.9.0 - Flume NG Node
(https://github.com/apache/flume/tree/flume-1.9/flume-ng-node), (The Apache
Software License, Version 2.0)
- org.apache.flume:flume-ng-sdk:1.9.0 - Flume NG SDK
(https://github.com/apache/flume/tree/flume-1.9/flume-ng-sdk), (The Apache
Software License, Version 2.0)
- org.apache.flume.flume-ng-channels:flume-spillable-memory-channel:1.9.0 -
Flume NG Spillable Memory channel
(https://github.com/apache/flume/tree/flume-1.9/flume-ng-channels/flume-spillable-memory-channel),
(The Apache Software License, Version 2.0)
+ org.apache.flume.flume-ng-channels:flume-file-channel:1.10.0 - Flume NG
file-based channel
(https://github.com/apache/flume/tree/flume-1.10.0/flume-ng-channels/flume-file-channel),
(The Apache Software License, Version 2.0)
+ org.apache.flume.flume-ng-sinks:flume-hdfs-sink:1.10.0 - Flume NG HDFS Sink
(https://github.com/apache/flume/tree/flume-1.10.0/flume-ng-sinks/flume-hdfs-sink),
(The Apache Software License, Version 2.0)
+ org.apache.flume.flume-ng-sinks:flume-irc-sink:1.10.0 - Flume NG IRC Sink
(https://github.com/apache/flume/tree/flume-1.10.0/flume-ng-sinks/flume-irc-sink),
(The Apache Software License, Version 2.0)
+ org.apache.flume.flume-ng-channels:flume-jdbc-channel:1.10.0 - Flume NG JDBC
channel
(https://github.com/apache/flume/tree/flume-1.10.0/flume-ng-channels/flume-jdbc-channel),
(The Apache Software License, Version 2.0)
+ org.apache.flume:flume-ng-auth:1.10.0 - Flume Auth
(https://github.com/apache/flume/tree/flume-1.10.0/flume-ng-auth), (The Apache
Software License, Version 2.0)
+ org.apache.flume.flume-ng-configfilters:flume-ng-config-filter-api:1.10.0 -
Flume NG Config Filters API
(https://github.com/apache/flume/tree/flume-1.10.0/flume-ng-configfilters/flume-ng-config-filter-api),
(The Apache Software License, Version 2.0)
+ org.apache.flume:flume-ng-configuration:1.10.0 - Flume NG Configuration
(https://github.com/apache/flume/tree/flume-1.10.0/flume-ng-configuration),
(The Apache Software License, Version 2.0)
+ org.apache.flume:flume-ng-core:1.10.0 - Flume NG Core
(https://github.com/apache/flume/tree/flume-1.10.0/flume-ng-core), (The Apache
Software License, Version 2.0)
+ org.apache.flume:flume-ng-node:1.10.0 - Flume NG Node
(https://github.com/apache/flume/tree/flume-1.10.0/flume-ng-node), (The Apache
Software License, Version 2.0)
+ org.apache.flume:flume-ng-sdk:1.10.0 - Flume NG SDK
(https://github.com/apache/flume/tree/flume-1.10.0/flume-ng-sdk), (The Apache
Software License, Version 2.0)
+ org.apache.flume.flume-ng-channels:flume-spillable-memory-channel:1.10.0 -
Flume NG Spillable Memory channel
(https://github.com/apache/flume/tree/flume-1.10.0/flume-ng-channels/flume-spillable-memory-channel),
(The Apache Software License, Version 2.0)
com.google.code.gson:gson:2.8.6 - Gson
(https://github.com/google/gson/gson), (Apache 2.0)
com.google.guava:guava:31.0.1-jre - Guava: Google Core Libraries for Java
(https://github.com/google/guava), (Apache License, Version 2.0)
org.apache.httpcomponents:httpclient:4.5.13 - Apache HttpClient
(https://hc.apache.org/httpcomponents-client-4.5.x), (Apache License, Version
2.0)
diff --git a/pom.xml b/pom.xml
index dfea0a3c6..75e086842 100644
--- a/pom.xml
+++ b/pom.xml
@@ -71,6 +71,7 @@
<docker.organization>inlong</docker.organization>
<netty.version>4.1.72.Final</netty.version>
+ <jboss.netty.version>3.10.6.Final</jboss.netty.version>
<scala.binary.version>2.11</scala.binary.version>
<spark.version>2.4.4</spark.version>
@@ -135,7 +136,7 @@
<clickhouse-jdbc.version>0.3.1</clickhouse-jdbc.version>
<hive.version>3.1.3</hive.version>
<thrift.version>0.9.3</thrift.version>
- <flume.version>1.9.0</flume.version>
+ <flume.version>1.10.0</flume.version>
<hbase.version>2.4.12</hbase.version>
<velocity.tools.generic.version>3.1</velocity.tools.generic.version>
