HIVE-28245. Upgrade Spring to 5.3.27 due to CVE.

slfan1989 · May 5, 2024 · 21ca793 · 21ca793
1 parent 978194b
commit 21ca793
Show file tree

Hide file tree

Showing 2 changed files with 2 additions and 2 deletions.
diff --git a/pom.xml b/pom.xml
@@ -226,7 +226,7 @@
     <aws-java-sdk.version>1.12.499</aws-java-sdk.version>
     <jansi.version>2.4.0</jansi.version>
     <!-- If upgrading, upgrade atlas as well in ql/pom.xml, which brings in some springframework dependencies transitively -->
-    <spring.version>5.3.21</spring.version>
+    <spring.version>5.3.27</spring.version>
     <project.build.outputTimestamp>2024-01-01T00:00:00Z</project.build.outputTimestamp>
   </properties>
   <repositories>

diff --git a/standalone-metastore/pom.xml b/standalone-metastore/pom.xml
@@ -112,7 +112,7 @@
     <jetty.version>9.4.45.v20220203</jetty.version>
     <javax.annotation-api.version>1.3.2</javax.annotation-api.version>
     <!-- If upgrading, upgrade atlas as well in ql/pom.xml, which brings in some springframework dependencies transitively -->
-    <spring.version>5.3.21</spring.version>
+    <spring.version>5.3.27</spring.version>
     <!-- Thrift properties -->
     <thrift.home>you-must-set-this-to-run-thrift</thrift.home>
     <thrift.gen.dir>${basedir}/src/gen/thrift</thrift.gen.dir>