Upgrade to com.google.guava 32.1.3-jre to fix CVE-2023-2976 and CVE-2…

…020-8908
apache · Mar 5, 2025 · 0b041ef · 0b041ef
1 parent d552bb0
commit 0b041ef
Show file tree

Hide file tree

Showing 2 changed files with 2 additions and 1 deletion.
diff --git a/LICENSE-binary b/LICENSE-binary
@@ -239,6 +239,7 @@ com.google.json-simple:json-simple:1.1.1
 com.google.guava:failureaccess:1.0
 com.google.guava:guava:20.0
 com.google.guava:guava:32.0.1-jre
+com.google.guava:guava:32.1.3-jre
 com.google.guava:listenablefuture:9999.0-empty-to-avoid-conflict-with-guava
 com.microsoft.azure:azure-storage:7.0.0
 com.nimbusds:nimbus-jose-jwt:9.37.2

diff --git a/hadoop-project/pom.xml b/hadoop-project/pom.xml
@@ -108,7 +108,7 @@
     <findbugs.version>3.0.5</findbugs.version>
     <dnsjava.version>3.6.1</dnsjava.version>
 
-    <guava.version>27.0-jre</guava.version>
+    <guava.version>32.1.3-jre</guava.version>
     <guice.version>5.1.0</guice.version>
 
     <bouncycastle.version>1.78.1</bouncycastle.version>