ambari-infra
ambari-infra copied to clipboard
apache
Apache Ambari Infra is a sub project of Apache Ambari.
[](https://infosecwriteups.com/want-to-take-over-the-java-ecosystem-all-you-need-is-a-mitm-1fc329d898fb) --- This is a security fix for a high severity vulnerability in your [Apache Maven](https://maven.apache.org/) `pom.xml` file(s). The build files indicate that this project is resolving dependencies over HTTP...
Bumps [guava](https://github.com/google/guava) from 28.0-jre to 32.0.0-jre. Release notes Sourced from guava's releases. 32.0.0 Maven <dependency> <groupId>com.google.guava</groupId> <artifactId>guava</artifactId> <version>32.0.0-jre</version> <!-- or, for Android: --> <version>32.0.0-android</version> </dependency> Jar files 32.0.0-jre.jar 32.0.0-android.jar Guava...
![dependabot[bot] avatar](https://avatars.githubusercontent.com/in/29110?v=4 "dependabot[bot] avatar"){kind=avatar}
Bumps [spring-beans](https://github.com/spring-projects/spring-framework) from 5.1.3.RELEASE to 5.2.20.RELEASE. Release notes Sourced from spring-beans's releases. v5.2.20.RELEASE :star: New Features Restrict access to property paths on Class references #28262 Improve diagnostics in SpEL for...
Bumps commons-fileupload from 1.3.3 to 1.5. [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) You can trigger a rebase of this PR by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- Dependabot commands...
Bumps [jackson-databind](https://github.com/FasterXML/jackson) from 2.10.0 to 2.12.7.1. Commits See full diff in compare view [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) You can trigger a rebase of this PR by commenting `@dependabot rebase`. [//]: #...
Bumps [bcprov-jdk15on](https://github.com/bcgit/bc-java) from 1.61 to 1.67. Changelog Sourced from bcprov-jdk15on's changelog. 2.1.1 Version Release: 1.73 Date: TBD 2.2.1 Version Release: 1.72 Date: 2022, September 25th ... (truncated) Commits See full...
Bumps [aws-java-sdk-s3](https://github.com/aws/aws-sdk-java) from 1.11.5 to 1.12.261. Changelog Sourced from aws-java-sdk-s3's changelog. 1.12.261 2022-07-14 AWS Config Features Update ResourceType enum with values for Route53Resolver, Batch, DMS, Workspaces, Stepfunctions, SageMaker, ElasticLoadBalancingV2, MSK...
Bumps [aws-java-sdk-s3](https://github.com/aws/aws-sdk-java) from 1.11.445 to 1.12.261. Changelog Sourced from aws-java-sdk-s3's changelog. 1.12.261 2022-07-14 AWS Config Features Update ResourceType enum with values for Route53Resolver, Batch, DMS, Workspaces, Stepfunctions, SageMaker, ElasticLoadBalancingV2, MSK...
Bumps log4j-core from 2.11.1 to 2.17.1. [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) You can trigger a rebase of this PR by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- Dependabot commands...
Bumps [spring-boot-starter-web](https://github.com/spring-projects/spring-boot) from 2.0.6.RELEASE to 2.5.12. Release notes Sourced from spring-boot-starter-web's releases. v2.5.12 :lady_beetle: Bug Fixes MustacheAutoConfiguration in a Servlet web application fails with a ClassNotFoundException when Spring MVC is...