NIFI-9170 Upgrade commons-beanutils to 1.9.4 to mitigate CVE-2019-10086
NIFI-9170 Add two more 1.9.4 references to close out the few things identified by the Maven dependency plugin.
This closes #5351
Signed-off-by: Mike Thomsen <mthomsen@apache.org>
diff --git a/nifi-external/nifi-spark-receiver/pom.xml b/nifi-external/nifi-spark-receiver/pom.xml
index dd82b8d..25f2c79 100644
--- a/nifi-external/nifi-spark-receiver/pom.xml
+++ b/nifi-external/nifi-spark-receiver/pom.xml
@@ -36,6 +36,12 @@
<artifactId>commons-compress</artifactId>
<version>1.21</version>
</dependency>
+ <!-- Override commons-beanutils -->
+ <dependency>
+ <groupId>commons-beanutils</groupId>
+ <artifactId>commons-beanutils</artifactId>
+ <version>1.9.4</version>
+ </dependency>
</dependencies>
</dependencyManagement>
<dependencies>
diff --git a/nifi-nar-bundles/nifi-accumulo-bundle/pom.xml b/nifi-nar-bundles/nifi-accumulo-bundle/pom.xml
index f4d3271..b32d007 100644
--- a/nifi-nar-bundles/nifi-accumulo-bundle/pom.xml
+++ b/nifi-nar-bundles/nifi-accumulo-bundle/pom.xml
@@ -48,6 +48,12 @@
<artifactId>commons-io</artifactId>
<version>2.10.0</version>
</dependency>
+ <!-- Override commons-beanutils -->
+ <dependency>
+ <groupId>commons-beanutils</groupId>
+ <artifactId>commons-beanutils</artifactId>
+ <version>1.9.4</version>
+ </dependency>
</dependencies>
</dependencyManagement>
</project>
diff --git a/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-web/nifi-web-optimistic-locking/pom.xml b/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-web/nifi-web-optimistic-locking/pom.xml
index e08bf5e..ead30bf 100644
--- a/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-web/nifi-web-optimistic-locking/pom.xml
+++ b/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-web/nifi-web-optimistic-locking/pom.xml
@@ -39,5 +39,9 @@
<groupId>org.apache.nifi</groupId>
<artifactId>nifi-web-security</artifactId>
</dependency>
+ <dependency>
+ <groupId>commons-beanutils</groupId>
+ <artifactId>commons-beanutils</artifactId>
+ </dependency>
</dependencies>
</project>
diff --git a/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-web/pom.xml b/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-web/pom.xml
index 99fbb81..ca18417 100644
--- a/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-web/pom.xml
+++ b/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-web/pom.xml
@@ -66,6 +66,12 @@
<type>war</type>
<version>1.15.0-SNAPSHOT</version>
</dependency>
+ <!-- Override commons-beanutils -->
+ <dependency>
+ <groupId>commons-beanutils</groupId>
+ <artifactId>commons-beanutils</artifactId>
+ <version>1.9.4</version>
+ </dependency>
</dependencies>
</dependencyManagement>
</project>
diff --git a/nifi-nar-bundles/nifi-hive-bundle/pom.xml b/nifi-nar-bundles/nifi-hive-bundle/pom.xml
index c87ffe1..94124ef 100644
--- a/nifi-nar-bundles/nifi-hive-bundle/pom.xml
+++ b/nifi-nar-bundles/nifi-hive-bundle/pom.xml
@@ -85,6 +85,12 @@
<artifactId>commons-compress</artifactId>
<version>1.21</version>
</dependency>
+ <!-- Override commons-beanutils -->
+ <dependency>
+ <groupId>commons-beanutils</groupId>
+ <artifactId>commons-beanutils</artifactId>
+ <version>1.9.4</version>
+ </dependency>
</dependencies>
</dependencyManagement>
diff --git a/nifi-nar-bundles/nifi-kite-bundle/pom.xml b/nifi-nar-bundles/nifi-kite-bundle/pom.xml
index eb97c2e..1997d1f 100644
--- a/nifi-nar-bundles/nifi-kite-bundle/pom.xml
+++ b/nifi-nar-bundles/nifi-kite-bundle/pom.xml
@@ -56,6 +56,12 @@
<artifactId>commons-compress</artifactId>
<version>1.21</version>
</dependency>
+ <!-- Override commons-beanutils -->
+ <dependency>
+ <groupId>commons-beanutils</groupId>
+ <artifactId>commons-beanutils</artifactId>
+ <version>1.9.4</version>
+ </dependency>
<!-- Override jackson 2.3.1 from kite -->
<dependency>
<groupId>com.fasterxml.jackson.core</groupId>
diff --git a/nifi-nar-bundles/nifi-parquet-bundle/pom.xml b/nifi-nar-bundles/nifi-parquet-bundle/pom.xml
index 99b53aa..82c2026 100644
--- a/nifi-nar-bundles/nifi-parquet-bundle/pom.xml
+++ b/nifi-nar-bundles/nifi-parquet-bundle/pom.xml
@@ -51,6 +51,12 @@
<artifactId>commons-compress</artifactId>
<version>1.21</version>
</dependency>
+ <!-- Override commons-beanutils -->
+ <dependency>
+ <groupId>commons-beanutils</groupId>
+ <artifactId>commons-beanutils</artifactId>
+ <version>1.9.4</version>
+ </dependency>
</dependencies>
</dependencyManagement>
</project>
diff --git a/nifi-nar-bundles/nifi-ranger-bundle/pom.xml b/nifi-nar-bundles/nifi-ranger-bundle/pom.xml
index 48b08c7..3b98cdf 100644
--- a/nifi-nar-bundles/nifi-ranger-bundle/pom.xml
+++ b/nifi-nar-bundles/nifi-ranger-bundle/pom.xml
@@ -53,6 +53,12 @@
<artifactId>commons-compress</artifactId>
<version>1.21</version>
</dependency>
+ <!-- Override commons-beanutils -->
+ <dependency>
+ <groupId>commons-beanutils</groupId>
+ <artifactId>commons-beanutils</artifactId>
+ <version>1.9.4</version>
+ </dependency>
<!-- Override jackson-databind 2.9.10.4 from ranger -->
<dependency>
<groupId>com.fasterxml.jackson.core</groupId>
diff --git a/nifi-nar-bundles/nifi-standard-services/nifi-hbase_1_1_2-client-service-bundle/pom.xml b/nifi-nar-bundles/nifi-standard-services/nifi-hbase_1_1_2-client-service-bundle/pom.xml
index b61f4df..f5ddf96 100644
--- a/nifi-nar-bundles/nifi-standard-services/nifi-hbase_1_1_2-client-service-bundle/pom.xml
+++ b/nifi-nar-bundles/nifi-standard-services/nifi-hbase_1_1_2-client-service-bundle/pom.xml
@@ -100,6 +100,12 @@
<artifactId>commons-compress</artifactId>
<version>1.21</version>
</dependency>
+ <!-- Override commons-beanutils -->
+ <dependency>
+ <groupId>commons-beanutils</groupId>
+ <artifactId>commons-beanutils</artifactId>
+ <version>1.9.4</version>
+ </dependency>
</dependencies>
</dependencyManagement>
</project>
diff --git a/nifi-nar-bundles/nifi-standard-services/nifi-hbase_2-client-service-bundle/pom.xml b/nifi-nar-bundles/nifi-standard-services/nifi-hbase_2-client-service-bundle/pom.xml
index 96eadf7..b6eabb3 100644
--- a/nifi-nar-bundles/nifi-standard-services/nifi-hbase_2-client-service-bundle/pom.xml
+++ b/nifi-nar-bundles/nifi-standard-services/nifi-hbase_2-client-service-bundle/pom.xml
@@ -70,6 +70,12 @@
<artifactId>commons-compress</artifactId>
<version>1.21</version>
</dependency>
+ <!-- Override commons-beanutils -->
+ <dependency>
+ <groupId>commons-beanutils</groupId>
+ <artifactId>commons-beanutils</artifactId>
+ <version>1.9.4</version>
+ </dependency>
</dependencies>
</dependencyManagement>
</project>
diff --git a/nifi-toolkit/nifi-toolkit-admin/pom.xml b/nifi-toolkit/nifi-toolkit-admin/pom.xml
index cbdff4d..5f35b32 100644
--- a/nifi-toolkit/nifi-toolkit-admin/pom.xml
+++ b/nifi-toolkit/nifi-toolkit-admin/pom.xml
@@ -22,6 +22,11 @@
<dependencies>
<dependency>
+ <groupId>commons-beanutils</groupId>
+ <artifactId>commons-beanutils</artifactId>
+ <version>1.9.4</version>
+ </dependency>
+ <dependency>
<groupId>commons-cli</groupId>
<artifactId>commons-cli</artifactId>
<version>1.4</version>
