Skip to content

Commit 81eb983

Browse files
barthanssensbarthanssens
authored
GH-5060: use more recent version of zookeeper to fix CVE (#5062)
Signed-off-by: Bart Hanssens <bart.hanssens@bosa.fgov.be>
1 parent e0e9868 commit 81eb983

1 file changed

Lines changed: 14 additions & 0 deletions

File tree

core/sail/solr/pom.xml

Lines changed: 14 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -12,8 +12,22 @@
1212
<properties>
1313
<!-- FIXME: Support for embedded Solr server require non-provided Java EE dependencies -->
1414
<enforce-javaee-provided.fail>false</enforce-javaee-provided.fail>
15+
<!-- use at least 3.7 to fix CVE -->
16+
<zookeeper.version>3.7.2</zookeeper.version>
1517
</properties>
1618
<dependencies>
19+
<!-- use at least zookeeper 3.7.2 to fix CVE, can be removed if solr provides a newer version -->
20+
<dependency>
21+
<groupId>org.apache.zookeeper</groupId>
22+
<artifactId>zookeeper</artifactId>
23+
<version>${zookeeper.version}</version>
24+
</dependency>
25+
<dependency>
26+
<groupId>org.apache.zookeeper</groupId>
27+
<artifactId>zookeeper-jute</artifactId>
28+
<version>${zookeeper.version}</version>
29+
</dependency>
30+
<!-- -->
1731
<dependency>
1832
<groupId>${project.groupId}</groupId>
1933
<artifactId>rdf4j-sail-lucene-api</artifactId>

0 commit comments

Comments
 (0)