This is an automated email from the ASF dual-hosted git repository.
dockerzhang pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/inlong.git
The following commit(s) were added to refs/heads/master by this push:
new c270963d50 [INLONG-8249][CVE] Upgrade
org.springframework:spring-boot-autoconfigure to 2.6.15 (#8250)
c270963d50 is described below
commit c270963d50d94950afb6dfb20f362e5625979136
Author: haifxu <xhf1208357...@gmail.com>
AuthorDate: Thu Jun 15 11:40:13 2023 +0800
[INLONG-8249][CVE] Upgrade org.springframework:spring-boot-autoconfigure to
2.6.15 (#8250)
---
licenses/inlong-audit/LICENSE | 10 +++++-----
licenses/inlong-audit/NOTICE | 2 +-
licenses/inlong-manager/LICENSE | 24 ++++++++++++------------
licenses/inlong-manager/NOTICE | 2 +-
licenses/inlong-tubemq-manager/LICENSE | 24 ++++++++++++------------
licenses/inlong-tubemq-manager/NOTICE | 2 +-
pom.xml | 2 +-
7 files changed, 33 insertions(+), 33 deletions(-)
diff --git a/licenses/inlong-audit/LICENSE b/licenses/inlong-audit/LICENSE
index e6db7674e3..f4725391bb 100644
--- a/licenses/inlong-audit/LICENSE
+++ b/licenses/inlong-audit/LICENSE
@@ -427,11 +427,11 @@ The text of each license is the standard Apache 2.0
license.
io.prometheus:simpleclient_tracer_common:0.14.1 - Prometheus Java Span
Context Supplier - Common
(https://github.com/prometheus/client_java/tree/parent-0.14.1), (The Apache
Software License, Version 2.0)
io.prometheus:simpleclient_tracer_otel:0.14.1 - Prometheus Java Span Context
Supplier - OpenTelemetry
(https://github.com/prometheus/client_java/tree/parent-0.14.1), (The Apache
Software License, Version 2.0)
io.prometheus:simpleclient_tracer_otel_agent:0.14.1 - Prometheus Java Span
Context Supplier - OpenTelemetry Agent
(https://github.com/prometheus/client_java/tree/parent-0.14.1), (The Apache
Software License, Version 2.0)
- org.springframework.boot:spring-boot:2.6.6 - spring-boot
(https://spring.io/projects/spring-boot), (Apache License, Version 2.0)
- org.springframework.boot:spring-boot-autoconfigure:2.6.6 -
spring-boot-autoconfigure (https://spring.io/projects/spring-boot), (Apache
License, Version 2.0)
- org.springframework.boot:spring-boot-starter:2.6.6 - spring-boot-starter
(https://spring.io/projects/spring-boot), (Apache License, Version 2.0)
- org.springframework.boot:spring-boot-starter-jdbc:2.6.6 -
spring-boot-starter-jdbc (https://spring.io/projects/spring-boot), (Apache
License, Version 2.0)
- org.springframework.boot:spring-boot-starter-log4j2:2.6.6 -
spring-boot-starter-log4j2 (https://spring.io/projects/spring-boot), (Apache
License, Version 2.0)
+ org.springframework.boot:spring-boot:2.6.15 - spring-boot
(https://spring.io/projects/spring-boot), (Apache License, Version 2.0)
+ org.springframework.boot:spring-boot-autoconfigure:2.6.15 -
spring-boot-autoconfigure (https://spring.io/projects/spring-boot), (Apache
License, Version 2.0)
+ org.springframework.boot:spring-boot-starter:2.6.15 - spring-boot-starter
(https://spring.io/projects/spring-boot), (Apache License, Version 2.0)
+ org.springframework.boot:spring-boot-starter-jdbc:2.6.15 -
spring-boot-starter-jdbc (https://spring.io/projects/spring-boot), (Apache
License, Version 2.0)
+ org.springframework.boot:spring-boot-starter-log4j2:2.6.15 -
spring-boot-starter-log4j2 (https://spring.io/projects/spring-boot), (Apache
License, Version 2.0)
com.tdunning:t-digest:3.2 - T-Digest
(https://github.com/tdunning/t-digest/tree/t-digest-3.2), (The Apache Software
License, Version 2.0)
javax.validation:validation-api:1.1.0.Final - Bean Validation API
(https://github.com/eclipse-ee4j/beanvalidation-api/tree/1.1.0.Final), (The
Apache Software License, Version 2.0)
org.apache.velocity:velocity-engine-core:2.3 - Apache Velocity - Engine
(https://github.com/apache/velocity-engine/tree/2.3/velocity-engine-core),
(Apache License, Version 2.0)
diff --git a/licenses/inlong-audit/NOTICE b/licenses/inlong-audit/NOTICE
index 17ac8a8172..cb5b476f02 100644
--- a/licenses/inlong-audit/NOTICE
+++ b/licenses/inlong-audit/NOTICE
@@ -758,7 +758,7 @@ spring-boot-starter-jdbc NOTICE
spring-boot-starter-log4j2 NOTICE
========================================================================
-Spring Boot 2.6.6
+Spring Boot 2.6.15
Copyright (c) 2012-2022 Pivotal, Inc.
This product is licensed to you under the Apache License, Version 2.0
diff --git a/licenses/inlong-manager/LICENSE b/licenses/inlong-manager/LICENSE
index 724a5994dc..c57875baaf 100644
--- a/licenses/inlong-manager/LICENSE
+++ b/licenses/inlong-manager/LICENSE
@@ -547,18 +547,18 @@ The text of each license is the standard Apache 2.0
license.
io.prometheus:simpleclient_tracer_otel_agent:0.14.1 - Prometheus Java Span
Context Supplier - OpenTelemetry Agent
(https://github.com/prometheus/client_java/tree/parent-0.14.1), (The Apache
Software License, Version 2.0)
org.yaml:snakeyaml:1.30 - SnakeYAML
(https://bitbucket.org/snakeyaml/snakeyaml/src/snakeyaml-1.30/), (Apache
License, Version 2.0)
org.xerial.snappy:snappy-java:1.1.8.4 - snappy-java
(https://github.com/xerial/snappy-java), (Apache-2.0)
- org.springframework.boot:spring-boot:2.6.6 - spring-boot
(https://spring.io/projects/spring-boot), (Apache License, Version 2.0)
- org.springframework.boot:spring-boot-autoconfigure:2.6.6 -
spring-boot-autoconfigure (https://spring.io/projects/spring-boot), (Apache
License, Version 2.0)
- org.springframework.boot:spring-boot-configuration-processor:2.6.6 -
spring-boot-configuration-processor (https://spring.io/projects/spring-boot),
(Apache License, Version 2.0)
- org.springframework.boot:spring-boot-starter:2.6.6 - spring-boot-starter
(https://spring.io/projects/spring-boot), (Apache License, Version 2.0)
- org.springframework.boot:spring-boot-starter-aop:2.6.6 -
spring-boot-starter-aop (https://spring.io/projects/spring-boot), (Apache
License, Version 2.0)
- org.springframework.boot:spring-boot-starter-cache:2.6.6 -
spring-boot-starter-cache (https://spring.io/projects/spring-boot), (Apache
License, Version 2.0)
- org.springframework.boot:spring-boot-starter-jdbc:2.6.6 -
spring-boot-starter-jdbc (https://spring.io/projects/spring-boot), (Apache
License, Version 2.0)
- org.springframework.boot:spring-boot-starter-json:2.6.6 -
spring-boot-starter-json (https://spring.io/projects/spring-boot), (Apache
License, Version 2.0)
- org.springframework.boot:spring-boot-starter-log4j2:2.6.6 -
spring-boot-starter-log4j2 (https://spring.io/projects/spring-boot), (Apache
License, Version 2.0)
- org.springframework.boot:spring-boot-starter-tomcat:2.6.6 -
spring-boot-starter-tomcat (https://spring.io/projects/spring-boot), (Apache
License, Version 2.0)
- org.springframework.boot:spring-boot-starter-validation:2.6.6 -
spring-boot-starter-validation (https://spring.io/projects/spring-boot),
(Apache License, Version 2.0)
- org.springframework.boot:spring-boot-starter-web:2.6.6 -
spring-boot-starter-web (https://spring.io/projects/spring-boot), (Apache
License, Version 2.0)
+ org.springframework.boot:spring-boot:2.6.15 - spring-boot
(https://spring.io/projects/spring-boot), (Apache License, Version 2.0)
+ org.springframework.boot:spring-boot-autoconfigure:2.6.15 -
spring-boot-autoconfigure (https://spring.io/projects/spring-boot), (Apache
License, Version 2.0)
+ org.springframework.boot:spring-boot-configuration-processor:2.6.15 -
spring-boot-configuration-processor (https://spring.io/projects/spring-boot),
(Apache License, Version 2.0)
+ org.springframework.boot:spring-boot-starter:2.6.15 - spring-boot-starter
(https://spring.io/projects/spring-boot), (Apache License, Version 2.0)
+ org.springframework.boot:spring-boot-starter-aop:2.6.15 -
spring-boot-starter-aop (https://spring.io/projects/spring-boot), (Apache
License, Version 2.0)
+ org.springframework.boot:spring-boot-starter-cache:2.6.15 -
spring-boot-starter-cache (https://spring.io/projects/spring-boot), (Apache
License, Version 2.0)
+ org.springframework.boot:spring-boot-starter-jdbc:2.6.15 -
spring-boot-starter-jdbc (https://spring.io/projects/spring-boot), (Apache
License, Version 2.0)
+ org.springframework.boot:spring-boot-starter-json:2.6.15 -
spring-boot-starter-json (https://spring.io/projects/spring-boot), (Apache
License, Version 2.0)
+ org.springframework.boot:spring-boot-starter-log4j2:2.6.15 -
spring-boot-starter-log4j2 (https://spring.io/projects/spring-boot), (Apache
License, Version 2.0)
+ org.springframework.boot:spring-boot-starter-tomcat:2.6.15 -
spring-boot-starter-tomcat (https://spring.io/projects/spring-boot), (Apache
License, Version 2.0)
+ org.springframework.boot:spring-boot-starter-validation:2.6.15 -
spring-boot-starter-validation (https://spring.io/projects/spring-boot),
(Apache License, Version 2.0)
+ org.springframework.boot:spring-boot-starter-web:2.6.15 -
spring-boot-starter-web (https://spring.io/projects/spring-boot), (Apache
License, Version 2.0)
io.springfox:springfox-bean-validators:3.0.0 - springfox-bean-validators
(https://github.com/springfox/springfox/tree/3.0.0), (The Apache Software
License, Version 2.0)
io.springfox:springfox-boot-starter:3.0.0 - springfox-boot-starter
(https://github.com/springfox/springfox/tree/3.0.0), (The Apache Software
License, Version 2.0)
io.springfox:springfox-core:3.0.0 - springfox-core
(https://github.com/springfox/springfox/tree/3.0.0), (The Apache Software
License, Version 2.0)
diff --git a/licenses/inlong-manager/NOTICE b/licenses/inlong-manager/NOTICE
index 5f62aceaf0..f601f4f4b6 100644
--- a/licenses/inlong-manager/NOTICE
+++ b/licenses/inlong-manager/NOTICE
@@ -2120,7 +2120,7 @@ spring-boot-starter-validation NOTICE
spring-boot-starter-web NOTICE
========================================================================
-Spring Boot 2.6.6
+Spring Boot 2.6.15
Copyright (c) 2012-2022 Pivotal, Inc.
This product is licensed to you under the Apache License, Version 2.0
diff --git a/licenses/inlong-tubemq-manager/LICENSE
b/licenses/inlong-tubemq-manager/LICENSE
index 68599535de..56e26e1ea6 100644
--- a/licenses/inlong-tubemq-manager/LICENSE
+++ b/licenses/inlong-tubemq-manager/LICENSE
@@ -387,18 +387,18 @@ The text of each license is the standard Apache 2.0
license.
org.apache.logging.log4j:log4j-jul:2.17.2 - Apache Log4j JUL Adapter
(https://logging.apache.org/log4j/2.x/log4j-jul/), (Apache License, Version 2.0)
org.apache.logging.log4j:log4j-slf4j-impl:2.17.2 - Apache Log4j SLF4J
Binding (https://logging.apache.org/log4j/2.x/log4j-slf4j-impl/), (Apache
License, Version 2.0)
org.yaml:snakeyaml:1.29 - SnakeYAML
(https://bitbucket.org/snakeyaml/snakeyaml/src/snakeyaml-1.29/), (Apache
License, Version 2.0)
- org.springframework.boot:spring-boot:2.6.6 - spring-boot
(https://spring.io/projects/spring-boot), (Apache License, Version 2.0)
- org.springframework.boot:spring-boot-autoconfigure:2.6.6 -
spring-boot-autoconfigure (https://spring.io/projects/spring-boot), (Apache
License, Version 2.0)
- org.springframework.boot:spring-boot-starter:2.6.6 - spring-boot-starter
(https://spring.io/projects/spring-boot), (Apache License, Version 2.0)
- org.springframework.boot:spring-boot-starter-aop:2.6.6 -
spring-boot-starter-aop (https://spring.io/projects/spring-boot), (Apache
License, Version 2.0)
- org.springframework.boot:spring-boot-starter-data-jpa:2.6.6 -
spring-boot-starter-data-jpa (https://spring.io/projects/spring-boot), (Apache
License, Version 2.0)
- org.springframework.boot:spring-boot-starter-data-rest:2.6.6 -
spring-boot-starter-data-rest (https://spring.io/projects/spring-boot), (Apache
License, Version 2.0)
- org.springframework.boot:spring-boot-starter-jdbc:2.6.6 -
spring-boot-starter-jdbc (https://spring.io/projects/spring-boot), (Apache
License, Version 2.0)
- org.springframework.boot:spring-boot-starter-json:2.6.6 -
spring-boot-starter-json (https://spring.io/projects/spring-boot), (Apache
License, Version 2.0)
- org.springframework.boot:spring-boot-starter-log4j2:2.6.6 -
spring-boot-starter-log4j2 (https://spring.io/projects/spring-boot), (Apache
License, Version 2.0)
- org.springframework.boot:spring-boot-starter-tomcat:2.6.6 -
spring-boot-starter-tomcat (https://spring.io/projects/spring-boot), (Apache
License, Version 2.0)
- org.springframework.boot:spring-boot-starter-validation:2.6.6 -
spring-boot-starter-validation (https://spring.io/projects/spring-boot),
(Apache License, Version 2.0)
- org.springframework.boot:spring-boot-starter-web:2.6.6 -
spring-boot-starter-web (https://spring.io/projects/spring-boot), (Apache
License, Version 2.0)
+ org.springframework.boot:spring-boot:2.6.15 - spring-boot
(https://spring.io/projects/spring-boot), (Apache License, Version 2.0)
+ org.springframework.boot:spring-boot-autoconfigure:2.6.15 -
spring-boot-autoconfigure (https://spring.io/projects/spring-boot), (Apache
License, Version 2.0)
+ org.springframework.boot:spring-boot-starter:2.6.15 - spring-boot-starter
(https://spring.io/projects/spring-boot), (Apache License, Version 2.0)
+ org.springframework.boot:spring-boot-starter-aop:2.6.15 -
spring-boot-starter-aop (https://spring.io/projects/spring-boot), (Apache
License, Version 2.0)
+ org.springframework.boot:spring-boot-starter-data-jpa:2.6.15 -
spring-boot-starter-data-jpa (https://spring.io/projects/spring-boot), (Apache
License, Version 2.0)
+ org.springframework.boot:spring-boot-starter-data-rest:2.6.15 -
spring-boot-starter-data-rest (https://spring.io/projects/spring-boot), (Apache
License, Version 2.0)
+ org.springframework.boot:spring-boot-starter-jdbc:2.6.15 -
spring-boot-starter-jdbc (https://spring.io/projects/spring-boot), (Apache
License, Version 2.0)
+ org.springframework.boot:spring-boot-starter-json:2.6.15 -
spring-boot-starter-json (https://spring.io/projects/spring-boot), (Apache
License, Version 2.0)
+ org.springframework.boot:spring-boot-starter-log4j2:2.6.15 -
spring-boot-starter-log4j2 (https://spring.io/projects/spring-boot), (Apache
License, Version 2.0)
+ org.springframework.boot:spring-boot-starter-tomcat:2.6.15 -
spring-boot-starter-tomcat (https://spring.io/projects/spring-boot), (Apache
License, Version 2.0)
+ org.springframework.boot:spring-boot-starter-validation:2.6.15 -
spring-boot-starter-validation (https://spring.io/projects/spring-boot),
(Apache License, Version 2.0)
+ org.springframework.boot:spring-boot-starter-web:2.6.15 -
spring-boot-starter-web (https://spring.io/projects/spring-boot), (Apache
License, Version 2.0)
org.springframework.data:spring-data-rest-core:3.6.3 - Spring Data REST -
Core
(https://github.com/spring-projects/spring-data-rest/tree/3.6.3/spring-data-rest-core),
(Apache License, Version 2.0)
org.springframework.data:spring-data-rest-webmvc:3.6.3 - Spring Data REST -
WebMVC
(https://github.com/spring-projects/spring-data-rest/tree/3.6.3/spring-data-rest-webmvc),
(Apache License, Version 2.0)
io.springfox:springfox-bean-validators:3.0.0 - springfox-bean-validators
(https://github.com/springfox/springfox), (The Apache Software License, Version
2.0)
diff --git a/licenses/inlong-tubemq-manager/NOTICE
b/licenses/inlong-tubemq-manager/NOTICE
index 57a9cb27c7..091c71b482 100644
--- a/licenses/inlong-tubemq-manager/NOTICE
+++ b/licenses/inlong-tubemq-manager/NOTICE
@@ -334,7 +334,7 @@ spring-boot-starter-validation NOTICE
spring-boot-starter-web NOTICE
========================================================================
-Spring Boot 2.6.6
+Spring Boot 2.6.15
Copyright (c) 2012-2022 Pivotal, Inc.
This product is licensed to you under the Apache License, Version 2.0
diff --git a/pom.xml b/pom.xml
index 07dd20b9b1..8046054e83 100644
--- a/pom.xml
+++ b/pom.xml
@@ -85,7 +85,7 @@
<okhttp.version>3.14.9</okhttp.version>
<retrofit.version>2.9.0</retrofit.version>
- <spring.boot.version>2.6.6</spring.boot.version>
+ <spring.boot.version>2.6.15</spring.boot.version>
<spring.version>5.3.27</spring.version>
<spring.autoconfigure.version>2.4.3</spring.autoconfigure.version>
<spring.plugin.version>2.6.6</spring.plugin.version>
