[prev in list] [next in list] [prev in thread] [next in thread]
List: flume-commits
Subject: flume git commit: FLUME-3132. Upgrade tomcat jasper library dependencies
From: denes () apache ! org
Date: 2017-08-24 18:18:58
Message-ID: e09d8d1d6f46425688784d57f384a163 () git ! apache ! org
[Download RAW message or body]
Repository: flume
Updated Branches:
refs/heads/trunk 3cd1b3313 -> 0cc7542dd
FLUME-3132. Upgrade tomcat jasper library dependencies
Exclude the vulnerable jasper library transitive dependencies from hadoop, hbase
dependencies.
This closes #152
Reviewers: Attila Simon, Miklos Csanady
(Ferenc Szabo via Denes Arvay)
Project: http://git-wip-us.apache.org/repos/asf/flume/repo
Commit: http://git-wip-us.apache.org/repos/asf/flume/commit/0cc7542d
Tree: http://git-wip-us.apache.org/repos/asf/flume/tree/0cc7542d
Diff: http://git-wip-us.apache.org/repos/asf/flume/diff/0cc7542d
Branch: refs/heads/trunk
Commit: 0cc7542ddc18239754befb19408dc3aca4337a66
Parents: 3cd1b33
Author: Ferenc Szabo <fszabo@cloudera.com>
Authored: Mon Aug 14 18:34:33 2017 +0200
Committer: Denes Arvay <denes@apache.org>
Committed: Thu Aug 24 18:43:11 2017 +0200
----------------------------------------------------------------------
pom.xml | 70 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
1 file changed, 70 insertions(+)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/flume/blob/0cc7542d/pom.xml
----------------------------------------------------------------------
diff --git a/pom.xml b/pom.xml
index c0bd052..e901248 100644
--- a/pom.xml
+++ b/pom.xml
@@ -210,6 +210,16 @@ limitations under the License.
<groupId>org.apache.hadoop</groupId>
<artifactId>hadoop-hdfs</artifactId>
<version>${hadoop.version}</version>
+ <exclusions>
+ <exclusion>
+ <groupId>tomcat</groupId>
+ <artifactId>jasper-compiler</artifactId>
+ </exclusion>
+ <exclusion>
+ <groupId>tomcat</groupId>
+ <artifactId>jasper-runtime</artifactId>
+ </exclusion>
+ </exclusions>
</dependency>
<dependency>
<groupId>org.apache.hadoop</groupId>
@@ -220,6 +230,16 @@ limitations under the License.
<groupId>org.apache.hadoop</groupId>
<artifactId>hadoop-minicluster</artifactId>
<version>${hadoop.version}</version>
+ <exclusions>
+ <exclusion>
+ <groupId>tomcat</groupId>
+ <artifactId>jasper-compiler</artifactId>
+ </exclusion>
+ <exclusion>
+ <groupId>tomcat</groupId>
+ <artifactId>jasper-runtime</artifactId>
+ </exclusion>
+ </exclusions>
</dependency>
<dependency>
<groupId>org.apache.hadoop</groupId>
@@ -292,11 +312,31 @@ limitations under the License.
<groupId>org.apache.hadoop</groupId>
<artifactId>hadoop-hdfs</artifactId>
<version>${hadoop.version}</version>
+ <exclusions>
+ <exclusion>
+ <groupId>tomcat</groupId>
+ <artifactId>jasper-compiler</artifactId>
+ </exclusion>
+ <exclusion>
+ <groupId>tomcat</groupId>
+ <artifactId>jasper-runtime</artifactId>
+ </exclusion>
+ </exclusions>
</dependency>
<dependency>
<groupId>org.apache.hadoop</groupId>
<artifactId>hadoop-minicluster</artifactId>
<version>${hadoop.version}</version>
+ <exclusions>
+ <exclusion>
+ <groupId>tomcat</groupId>
+ <artifactId>jasper-compiler</artifactId>
+ </exclusion>
+ <exclusion>
+ <groupId>tomcat</groupId>
+ <artifactId>jasper-runtime</artifactId>
+ </exclusion>
+ </exclusions>
</dependency>
<dependency>
<groupId>org.apache.hadoop</groupId>
@@ -362,6 +402,16 @@ limitations under the License.
<artifactId>hbase-server</artifactId>
<version>${hbase.version}</version>
<scope>test</scope>
+ <exclusions>
+ <exclusion>
+ <groupId>tomcat</groupId>
+ <artifactId>jasper-compiler</artifactId>
+ </exclusion>
+ <exclusion>
+ <groupId>tomcat</groupId>
+ <artifactId>jasper-runtime</artifactId>
+ </exclusion>
+ </exclusions>
</dependency>
<dependency>
@@ -370,6 +420,16 @@ limitations under the License.
<version>${hbase.version}</version>
<classifier>tests</classifier>
<scope>test</scope>
+ <exclusions>
+ <exclusion>
+ <groupId>tomcat</groupId>
+ <artifactId>jasper-compiler</artifactId>
+ </exclusion>
+ <exclusion>
+ <groupId>tomcat</groupId>
+ <artifactId>jasper-runtime</artifactId>
+ </exclusion>
+ </exclusions>
</dependency>
<dependency>
@@ -1053,6 +1113,16 @@ limitations under the License.
<artifactId>hadoop-common</artifactId>
<version>${hadoop.version}</version>
<optional>true</optional>
+ <exclusions>
+ <exclusion>
+ <groupId>tomcat</groupId>
+ <artifactId>jasper-compiler</artifactId>
+ </exclusion>
+ <exclusion>
+ <groupId>tomcat</groupId>
+ <artifactId>jasper-runtime</artifactId>
+ </exclusion>
+ </exclusions>
</dependency>
<dependency>
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic