Skip to content

Commit a2a84e0

Browse files
virajjasaniApache9
virajjasani
authored and
Apache9
committed
HBASE-22863 Cleanup transitive Jackson1 vulnerable dependencies(forward-port HBASE-22728) (apache#505)
Signed-off-by: Duo Zhang <[email protected]> Signed-off-by: Reid Chan <[email protected]>
1 parent 91b1f69 commit a2a84e0

File tree

7 files changed

+222
-0
lines changed

7 files changed

+222
-0
lines changed

hbase-mapreduce/pom.xml

Lines changed: 10 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -208,6 +208,16 @@
208208
<artifactId>hadoop-mapreduce-client-jobclient</artifactId>
209209
<type>test-jar</type>
210210
<scope>test</scope>
211+
<exclusions>
212+
<exclusion>
213+
<groupId>org.codehaus.jackson</groupId>
214+
<artifactId>jackson-mapper-asl</artifactId>
215+
</exclusion>
216+
<exclusion>
217+
<groupId>org.codehaus.jackson</groupId>
218+
<artifactId>jackson-core-asl</artifactId>
219+
</exclusion>
220+
</exclusions>
211221
</dependency>
212222
<dependency>
213223
<groupId>org.apache.hadoop</groupId>

hbase-server/pom.xml

Lines changed: 6 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -258,6 +258,12 @@
258258
<dependency>
259259
<groupId>org.apache.hbase</groupId>
260260
<artifactId>hbase-http</artifactId>
261+
<exclusions>
262+
<exclusion>
263+
<groupId>org.codehaus.jackson</groupId>
264+
<artifactId>jackson-core-asl</artifactId>
265+
</exclusion>
266+
</exclusions>
261267
</dependency>
262268
<dependency>
263269
<groupId>org.apache.hbase</groupId>

hbase-shaded/hbase-shaded-client-byo-hadoop/pom.xml

Lines changed: 64 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -87,6 +87,38 @@
8787
<artifactId>hadoop-common</artifactId>
8888
<scope>provided</scope>
8989
</dependency>
90+
<dependency>
91+
<groupId>org.codehaus.jackson</groupId>
92+
<artifactId>jackson-jaxrs</artifactId>
93+
<version>1.9.13</version>
94+
<scope>provided</scope>
95+
<exclusions>
96+
<exclusion>
97+
<groupId>org.codehaus.jackson</groupId>
98+
<artifactId>jackson-mapper-asl</artifactId>
99+
</exclusion>
100+
<exclusion>
101+
<groupId>org.codehaus.jackson</groupId>
102+
<artifactId>jackson-core-asl</artifactId>
103+
</exclusion>
104+
</exclusions>
105+
</dependency>
106+
<dependency>
107+
<groupId>org.codehaus.jackson</groupId>
108+
<artifactId>jackson-xc</artifactId>
109+
<version>1.9.13</version>
110+
<scope>provided</scope>
111+
<exclusions>
112+
<exclusion>
113+
<groupId>org.codehaus.jackson</groupId>
114+
<artifactId>jackson-mapper-asl</artifactId>
115+
</exclusion>
116+
<exclusion>
117+
<groupId>org.codehaus.jackson</groupId>
118+
<artifactId>jackson-core-asl</artifactId>
119+
</exclusion>
120+
</exclusions>
121+
</dependency>
90122
</dependencies>
91123
</profile>
92124

@@ -113,6 +145,38 @@
113145
<artifactId>hadoop-common</artifactId>
114146
<scope>provided</scope>
115147
</dependency>
148+
<dependency>
149+
<groupId>org.codehaus.jackson</groupId>
150+
<artifactId>jackson-jaxrs</artifactId>
151+
<version>1.9.13</version>
152+
<scope>provided</scope>
153+
<exclusions>
154+
<exclusion>
155+
<groupId>org.codehaus.jackson</groupId>
156+
<artifactId>jackson-mapper-asl</artifactId>
157+
</exclusion>
158+
<exclusion>
159+
<groupId>org.codehaus.jackson</groupId>
160+
<artifactId>jackson-core-asl</artifactId>
161+
</exclusion>
162+
</exclusions>
163+
</dependency>
164+
<dependency>
165+
<groupId>org.codehaus.jackson</groupId>
166+
<artifactId>jackson-xc</artifactId>
167+
<version>1.9.13</version>
168+
<scope>provided</scope>
169+
<exclusions>
170+
<exclusion>
171+
<groupId>org.codehaus.jackson</groupId>
172+
<artifactId>jackson-mapper-asl</artifactId>
173+
</exclusion>
174+
<exclusion>
175+
<groupId>org.codehaus.jackson</groupId>
176+
<artifactId>jackson-core-asl</artifactId>
177+
</exclusion>
178+
</exclusions>
179+
</dependency>
116180
</dependencies>
117181
</profile>
118182
</profiles>

hbase-shaded/hbase-shaded-mapreduce/pom.xml

Lines changed: 64 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -265,6 +265,38 @@
265265
</exclusion>
266266
</exclusions>
267267
</dependency>
268+
<dependency>
269+
<groupId>org.codehaus.jackson</groupId>
270+
<artifactId>jackson-jaxrs</artifactId>
271+
<version>1.9.13</version>
272+
<scope>provided</scope>
273+
<exclusions>
274+
<exclusion>
275+
<groupId>org.codehaus.jackson</groupId>
276+
<artifactId>jackson-mapper-asl</artifactId>
277+
</exclusion>
278+
<exclusion>
279+
<groupId>org.codehaus.jackson</groupId>
280+
<artifactId>jackson-core-asl</artifactId>
281+
</exclusion>
282+
</exclusions>
283+
</dependency>
284+
<dependency>
285+
<groupId>org.codehaus.jackson</groupId>
286+
<artifactId>jackson-xc</artifactId>
287+
<version>1.9.13</version>
288+
<scope>provided</scope>
289+
<exclusions>
290+
<exclusion>
291+
<groupId>org.codehaus.jackson</groupId>
292+
<artifactId>jackson-mapper-asl</artifactId>
293+
</exclusion>
294+
<exclusion>
295+
<groupId>org.codehaus.jackson</groupId>
296+
<artifactId>jackson-core-asl</artifactId>
297+
</exclusion>
298+
</exclusions>
299+
</dependency>
268300
<dependency>
269301
<groupId>org.apache.hadoop</groupId>
270302
<artifactId>hadoop-auth</artifactId>
@@ -315,6 +347,38 @@
315347
</exclusion>
316348
</exclusions>
317349
</dependency>
350+
<dependency>
351+
<groupId>org.codehaus.jackson</groupId>
352+
<artifactId>jackson-jaxrs</artifactId>
353+
<version>1.9.13</version>
354+
<scope>provided</scope>
355+
<exclusions>
356+
<exclusion>
357+
<groupId>org.codehaus.jackson</groupId>
358+
<artifactId>jackson-mapper-asl</artifactId>
359+
</exclusion>
360+
<exclusion>
361+
<groupId>org.codehaus.jackson</groupId>
362+
<artifactId>jackson-core-asl</artifactId>
363+
</exclusion>
364+
</exclusions>
365+
</dependency>
366+
<dependency>
367+
<groupId>org.codehaus.jackson</groupId>
368+
<artifactId>jackson-xc</artifactId>
369+
<version>1.9.13</version>
370+
<scope>provided</scope>
371+
<exclusions>
372+
<exclusion>
373+
<groupId>org.codehaus.jackson</groupId>
374+
<artifactId>jackson-mapper-asl</artifactId>
375+
</exclusion>
376+
<exclusion>
377+
<groupId>org.codehaus.jackson</groupId>
378+
<artifactId>jackson-core-asl</artifactId>
379+
</exclusion>
380+
</exclusions>
381+
</dependency>
318382
</dependencies>
319383
</profile>
320384
</profiles>

hbase-shaded/hbase-shaded-testing-util-tester/pom.xml

Lines changed: 6 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -57,6 +57,12 @@
5757
<version>${project.version}</version>
5858
<scope>test</scope>
5959
</dependency>
60+
<dependency>
61+
<groupId>org.codehaus.jackson</groupId>
62+
<artifactId>jackson-mapper-asl</artifactId>
63+
<version>1.9.13</version>
64+
<scope>test</scope>
65+
</dependency>
6066
</dependencies>
6167

6268
</project>

hbase-shaded/hbase-shaded-testing-util/pom.xml

Lines changed: 40 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -45,6 +45,22 @@
4545
<groupId>javax.servlet.jsp</groupId>
4646
<artifactId>jsp-api</artifactId>
4747
</exclusion>
48+
<exclusion>
49+
<groupId>org.codehaus.jackson</groupId>
50+
<artifactId>jackson-mapper-asl</artifactId>
51+
</exclusion>
52+
<exclusion>
53+
<groupId>org.codehaus.jackson</groupId>
54+
<artifactId>jackson-core-asl</artifactId>
55+
</exclusion>
56+
<exclusion>
57+
<groupId>org.codehaus.jackson</groupId>
58+
<artifactId>jackson-jaxrs</artifactId>
59+
</exclusion>
60+
<exclusion>
61+
<groupId>org.codehaus.jackson</groupId>
62+
<artifactId>jackson-xc</artifactId>
63+
</exclusion>
4864
</exclusions>
4965
</dependency>
5066
<dependency>
@@ -59,6 +75,24 @@
5975
<version>${hadoop.version}</version>
6076
<type>test-jar</type>
6177
<scope>compile</scope>
78+
<exclusions>
79+
<exclusion>
80+
<groupId>org.codehaus.jackson</groupId>
81+
<artifactId>jackson-mapper-asl</artifactId>
82+
</exclusion>
83+
<exclusion>
84+
<groupId>org.codehaus.jackson</groupId>
85+
<artifactId>jackson-core-asl</artifactId>
86+
</exclusion>
87+
<exclusion>
88+
<groupId>org.codehaus.jackson</groupId>
89+
<artifactId>jackson-jaxrs</artifactId>
90+
</exclusion>
91+
<exclusion>
92+
<groupId>org.codehaus.jackson</groupId>
93+
<artifactId>jackson-xc</artifactId>
94+
</exclusion>
95+
</exclusions>
6296
</dependency>
6397
<dependency>
6498
<groupId>org.apache.hadoop</groupId>
@@ -97,6 +131,12 @@
97131
<type>test-jar</type>
98132
<scope>compile</scope>
99133
</dependency>
134+
<dependency>
135+
<groupId>org.codehaus.jackson</groupId>
136+
<artifactId>jackson-mapper-asl</artifactId>
137+
<version>1.9.13</version>
138+
<scope>test</scope>
139+
</dependency>
100140

101141
<dependency>
102142
<groupId>org.apache.hbase</groupId>

pom.xml

Lines changed: 32 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -2409,6 +2409,14 @@
24092409
<groupId>com.sun.jersey</groupId>
24102410
<artifactId>jersey-core</artifactId>
24112411
</exclusion>
2412+
<exclusion>
2413+
<groupId>org.codehaus.jackson</groupId>
2414+
<artifactId>jackson-jaxrs</artifactId>
2415+
</exclusion>
2416+
<exclusion>
2417+
<groupId>org.codehaus.jackson</groupId>
2418+
<artifactId>jackson-xc</artifactId>
2419+
</exclusion>
24122420
<exclusion>
24132421
<groupId>io.netty</groupId>
24142422
<artifactId>netty</artifactId>
@@ -2613,6 +2621,14 @@
26132621
<groupId>com.sun.jersey</groupId>
26142622
<artifactId>jersey-core</artifactId>
26152623
</exclusion>
2624+
<exclusion>
2625+
<groupId>org.codehaus.jackson</groupId>
2626+
<artifactId>jackson-jaxrs</artifactId>
2627+
</exclusion>
2628+
<exclusion>
2629+
<groupId>org.codehaus.jackson</groupId>
2630+
<artifactId>jackson-xc</artifactId>
2631+
</exclusion>
26162632
<exclusion>
26172633
<groupId>commons-beanutils</groupId>
26182634
<artifactId>commons-beanutils</artifactId>
@@ -2699,6 +2715,14 @@
26992715
<groupId>com.google.code.findbugs</groupId>
27002716
<artifactId>jsr305</artifactId>
27012717
</exclusion>
2718+
<exclusion>
2719+
<groupId>org.codehaus.jackson</groupId>
2720+
<artifactId>jackson-jaxrs</artifactId>
2721+
</exclusion>
2722+
<exclusion>
2723+
<groupId>org.codehaus.jackson</groupId>
2724+
<artifactId>jackson-xc</artifactId>
2725+
</exclusion>
27022726
</exclusions>
27032727
</dependency>
27042728
<dependency>
@@ -2813,6 +2837,14 @@
28132837
<groupId>com.sun.jersey</groupId>
28142838
<artifactId>jersey-core</artifactId>
28152839
</exclusion>
2840+
<exclusion>
2841+
<groupId>org.codehaus.jackson</groupId>
2842+
<artifactId>jackson-jaxrs</artifactId>
2843+
</exclusion>
2844+
<exclusion>
2845+
<groupId>org.codehaus.jackson</groupId>
2846+
<artifactId>jackson-xc</artifactId>
2847+
</exclusion>
28162848
<exclusion>
28172849
<groupId>io.netty</groupId>
28182850
<artifactId>netty</artifactId>

0 commit comments

Comments
 (0)