Skip to content

Commit e28a7c2

Browse files
virajjasaniApache9
virajjasani
authored and
Apache9
committed
HBASE-22863 Cleanup transitive Jackson1 vulnerable dependencies(forward-port HBASE-22728) (#505)
Signed-off-by: Duo Zhang <[email protected]> Signed-off-by: Reid Chan <[email protected]>
1 parent 0a1950f commit e28a7c2

File tree

7 files changed

+222
-0
lines changed

7 files changed

+222
-0
lines changed

hbase-mapreduce/pom.xml

Lines changed: 10 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -204,6 +204,16 @@
204204
<artifactId>hadoop-mapreduce-client-jobclient</artifactId>
205205
<type>test-jar</type>
206206
<scope>test</scope>
207+
<exclusions>
208+
<exclusion>
209+
<groupId>org.codehaus.jackson</groupId>
210+
<artifactId>jackson-mapper-asl</artifactId>
211+
</exclusion>
212+
<exclusion>
213+
<groupId>org.codehaus.jackson</groupId>
214+
<artifactId>jackson-core-asl</artifactId>
215+
</exclusion>
216+
</exclusions>
207217
</dependency>
208218
<dependency>
209219
<groupId>org.apache.hadoop</groupId>

hbase-server/pom.xml

Lines changed: 6 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -245,6 +245,12 @@
245245
<dependency>
246246
<groupId>org.apache.hbase</groupId>
247247
<artifactId>hbase-http</artifactId>
248+
<exclusions>
249+
<exclusion>
250+
<groupId>org.codehaus.jackson</groupId>
251+
<artifactId>jackson-core-asl</artifactId>
252+
</exclusion>
253+
</exclusions>
248254
</dependency>
249255
<dependency>
250256
<groupId>org.apache.hbase</groupId>

hbase-shaded/hbase-shaded-client-byo-hadoop/pom.xml

Lines changed: 64 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -87,6 +87,38 @@
8787
<artifactId>hadoop-common</artifactId>
8888
<scope>provided</scope>
8989
</dependency>
90+
<dependency>
91+
<groupId>org.codehaus.jackson</groupId>
92+
<artifactId>jackson-jaxrs</artifactId>
93+
<version>1.9.13</version>
94+
<scope>provided</scope>
95+
<exclusions>
96+
<exclusion>
97+
<groupId>org.codehaus.jackson</groupId>
98+
<artifactId>jackson-mapper-asl</artifactId>
99+
</exclusion>
100+
<exclusion>
101+
<groupId>org.codehaus.jackson</groupId>
102+
<artifactId>jackson-core-asl</artifactId>
103+
</exclusion>
104+
</exclusions>
105+
</dependency>
106+
<dependency>
107+
<groupId>org.codehaus.jackson</groupId>
108+
<artifactId>jackson-xc</artifactId>
109+
<version>1.9.13</version>
110+
<scope>provided</scope>
111+
<exclusions>
112+
<exclusion>
113+
<groupId>org.codehaus.jackson</groupId>
114+
<artifactId>jackson-mapper-asl</artifactId>
115+
</exclusion>
116+
<exclusion>
117+
<groupId>org.codehaus.jackson</groupId>
118+
<artifactId>jackson-core-asl</artifactId>
119+
</exclusion>
120+
</exclusions>
121+
</dependency>
90122
</dependencies>
91123
</profile>
92124

@@ -113,6 +145,38 @@
113145
<artifactId>hadoop-common</artifactId>
114146
<scope>provided</scope>
115147
</dependency>
148+
<dependency>
149+
<groupId>org.codehaus.jackson</groupId>
150+
<artifactId>jackson-jaxrs</artifactId>
151+
<version>1.9.13</version>
152+
<scope>provided</scope>
153+
<exclusions>
154+
<exclusion>
155+
<groupId>org.codehaus.jackson</groupId>
156+
<artifactId>jackson-mapper-asl</artifactId>
157+
</exclusion>
158+
<exclusion>
159+
<groupId>org.codehaus.jackson</groupId>
160+
<artifactId>jackson-core-asl</artifactId>
161+
</exclusion>
162+
</exclusions>
163+
</dependency>
164+
<dependency>
165+
<groupId>org.codehaus.jackson</groupId>
166+
<artifactId>jackson-xc</artifactId>
167+
<version>1.9.13</version>
168+
<scope>provided</scope>
169+
<exclusions>
170+
<exclusion>
171+
<groupId>org.codehaus.jackson</groupId>
172+
<artifactId>jackson-mapper-asl</artifactId>
173+
</exclusion>
174+
<exclusion>
175+
<groupId>org.codehaus.jackson</groupId>
176+
<artifactId>jackson-core-asl</artifactId>
177+
</exclusion>
178+
</exclusions>
179+
</dependency>
116180
</dependencies>
117181
</profile>
118182
</profiles>

hbase-shaded/hbase-shaded-mapreduce/pom.xml

Lines changed: 64 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -265,6 +265,38 @@
265265
</exclusion>
266266
</exclusions>
267267
</dependency>
268+
<dependency>
269+
<groupId>org.codehaus.jackson</groupId>
270+
<artifactId>jackson-jaxrs</artifactId>
271+
<version>1.9.13</version>
272+
<scope>provided</scope>
273+
<exclusions>
274+
<exclusion>
275+
<groupId>org.codehaus.jackson</groupId>
276+
<artifactId>jackson-mapper-asl</artifactId>
277+
</exclusion>
278+
<exclusion>
279+
<groupId>org.codehaus.jackson</groupId>
280+
<artifactId>jackson-core-asl</artifactId>
281+
</exclusion>
282+
</exclusions>
283+
</dependency>
284+
<dependency>
285+
<groupId>org.codehaus.jackson</groupId>
286+
<artifactId>jackson-xc</artifactId>
287+
<version>1.9.13</version>
288+
<scope>provided</scope>
289+
<exclusions>
290+
<exclusion>
291+
<groupId>org.codehaus.jackson</groupId>
292+
<artifactId>jackson-mapper-asl</artifactId>
293+
</exclusion>
294+
<exclusion>
295+
<groupId>org.codehaus.jackson</groupId>
296+
<artifactId>jackson-core-asl</artifactId>
297+
</exclusion>
298+
</exclusions>
299+
</dependency>
268300
<dependency>
269301
<groupId>org.apache.hadoop</groupId>
270302
<artifactId>hadoop-auth</artifactId>
@@ -315,6 +347,38 @@
315347
</exclusion>
316348
</exclusions>
317349
</dependency>
350+
<dependency>
351+
<groupId>org.codehaus.jackson</groupId>
352+
<artifactId>jackson-jaxrs</artifactId>
353+
<version>1.9.13</version>
354+
<scope>provided</scope>
355+
<exclusions>
356+
<exclusion>
357+
<groupId>org.codehaus.jackson</groupId>
358+
<artifactId>jackson-mapper-asl</artifactId>
359+
</exclusion>
360+
<exclusion>
361+
<groupId>org.codehaus.jackson</groupId>
362+
<artifactId>jackson-core-asl</artifactId>
363+
</exclusion>
364+
</exclusions>
365+
</dependency>
366+
<dependency>
367+
<groupId>org.codehaus.jackson</groupId>
368+
<artifactId>jackson-xc</artifactId>
369+
<version>1.9.13</version>
370+
<scope>provided</scope>
371+
<exclusions>
372+
<exclusion>
373+
<groupId>org.codehaus.jackson</groupId>
374+
<artifactId>jackson-mapper-asl</artifactId>
375+
</exclusion>
376+
<exclusion>
377+
<groupId>org.codehaus.jackson</groupId>
378+
<artifactId>jackson-core-asl</artifactId>
379+
</exclusion>
380+
</exclusions>
381+
</dependency>
318382
</dependencies>
319383
</profile>
320384
</profiles>

hbase-shaded/hbase-shaded-testing-util-tester/pom.xml

Lines changed: 6 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -57,6 +57,12 @@
5757
<version>${project.version}</version>
5858
<scope>test</scope>
5959
</dependency>
60+
<dependency>
61+
<groupId>org.codehaus.jackson</groupId>
62+
<artifactId>jackson-mapper-asl</artifactId>
63+
<version>1.9.13</version>
64+
<scope>test</scope>
65+
</dependency>
6066
</dependencies>
6167

6268
</project>

hbase-shaded/hbase-shaded-testing-util/pom.xml

Lines changed: 40 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -45,6 +45,22 @@
4545
<groupId>javax.servlet.jsp</groupId>
4646
<artifactId>jsp-api</artifactId>
4747
</exclusion>
48+
<exclusion>
49+
<groupId>org.codehaus.jackson</groupId>
50+
<artifactId>jackson-mapper-asl</artifactId>
51+
</exclusion>
52+
<exclusion>
53+
<groupId>org.codehaus.jackson</groupId>
54+
<artifactId>jackson-core-asl</artifactId>
55+
</exclusion>
56+
<exclusion>
57+
<groupId>org.codehaus.jackson</groupId>
58+
<artifactId>jackson-jaxrs</artifactId>
59+
</exclusion>
60+
<exclusion>
61+
<groupId>org.codehaus.jackson</groupId>
62+
<artifactId>jackson-xc</artifactId>
63+
</exclusion>
4864
</exclusions>
4965
</dependency>
5066
<dependency>
@@ -59,6 +75,24 @@
5975
<version>${hadoop.version}</version>
6076
<type>test-jar</type>
6177
<scope>compile</scope>
78+
<exclusions>
79+
<exclusion>
80+
<groupId>org.codehaus.jackson</groupId>
81+
<artifactId>jackson-mapper-asl</artifactId>
82+
</exclusion>
83+
<exclusion>
84+
<groupId>org.codehaus.jackson</groupId>
85+
<artifactId>jackson-core-asl</artifactId>
86+
</exclusion>
87+
<exclusion>
88+
<groupId>org.codehaus.jackson</groupId>
89+
<artifactId>jackson-jaxrs</artifactId>
90+
</exclusion>
91+
<exclusion>
92+
<groupId>org.codehaus.jackson</groupId>
93+
<artifactId>jackson-xc</artifactId>
94+
</exclusion>
95+
</exclusions>
6296
</dependency>
6397
<dependency>
6498
<groupId>org.apache.hadoop</groupId>
@@ -97,6 +131,12 @@
97131
<type>test-jar</type>
98132
<scope>compile</scope>
99133
</dependency>
134+
<dependency>
135+
<groupId>org.codehaus.jackson</groupId>
136+
<artifactId>jackson-mapper-asl</artifactId>
137+
<version>1.9.13</version>
138+
<scope>test</scope>
139+
</dependency>
100140

101141
<dependency>
102142
<groupId>org.apache.hbase</groupId>

pom.xml

Lines changed: 32 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -2372,6 +2372,14 @@
23722372
<groupId>com.sun.jersey</groupId>
23732373
<artifactId>jersey-core</artifactId>
23742374
</exclusion>
2375+
<exclusion>
2376+
<groupId>org.codehaus.jackson</groupId>
2377+
<artifactId>jackson-jaxrs</artifactId>
2378+
</exclusion>
2379+
<exclusion>
2380+
<groupId>org.codehaus.jackson</groupId>
2381+
<artifactId>jackson-xc</artifactId>
2382+
</exclusion>
23752383
<exclusion>
23762384
<groupId>io.netty</groupId>
23772385
<artifactId>netty</artifactId>
@@ -2546,6 +2554,14 @@
25462554
<groupId>com.sun.jersey</groupId>
25472555
<artifactId>jersey-core</artifactId>
25482556
</exclusion>
2557+
<exclusion>
2558+
<groupId>org.codehaus.jackson</groupId>
2559+
<artifactId>jackson-jaxrs</artifactId>
2560+
</exclusion>
2561+
<exclusion>
2562+
<groupId>org.codehaus.jackson</groupId>
2563+
<artifactId>jackson-xc</artifactId>
2564+
</exclusion>
25492565
<exclusion>
25502566
<groupId>commons-beanutils</groupId>
25512567
<artifactId>commons-beanutils</artifactId>
@@ -2599,6 +2615,14 @@
25992615
<groupId>com.google.code.findbugs</groupId>
26002616
<artifactId>jsr305</artifactId>
26012617
</exclusion>
2618+
<exclusion>
2619+
<groupId>org.codehaus.jackson</groupId>
2620+
<artifactId>jackson-jaxrs</artifactId>
2621+
</exclusion>
2622+
<exclusion>
2623+
<groupId>org.codehaus.jackson</groupId>
2624+
<artifactId>jackson-xc</artifactId>
2625+
</exclusion>
26022626
</exclusions>
26032627
</dependency>
26042628
<dependency>
@@ -2701,6 +2725,14 @@
27012725
<groupId>com.sun.jersey</groupId>
27022726
<artifactId>jersey-core</artifactId>
27032727
</exclusion>
2728+
<exclusion>
2729+
<groupId>org.codehaus.jackson</groupId>
2730+
<artifactId>jackson-jaxrs</artifactId>
2731+
</exclusion>
2732+
<exclusion>
2733+
<groupId>org.codehaus.jackson</groupId>
2734+
<artifactId>jackson-xc</artifactId>
2735+
</exclusion>
27042736
<exclusion>
27052737
<groupId>io.netty</groupId>
27062738
<artifactId>netty</artifactId>

0 commit comments

Comments
 (0)