[CVE] Update Nacos 1.0.0 to Nacos 1.2.0(Solve the security problem of the old version of fastjson) (#4753)
* Update nacos version to 1.2.0(Solve the security problem of the old version of fastsjon)
Co-authored-by: songzhendong <289505773@qq.com>
Co-authored-by: songzhendong <songzhendong@xiaomi.com>
diff --git a/dist-material/release-docs/LICENSE b/dist-material/release-docs/LICENSE
index 8ca15ba..94e117c 100755
--- a/dist-material/release-docs/LICENSE
+++ b/dist-material/release-docs/LICENSE
@@ -216,7 +216,7 @@
The text of each license is also included at licenses/LICENSE-[project].txt.
Apache: httpcomponents 4.x.x: http://hc.apache.org/index.html, Apache 2.0
- Apache: fastjson 1.2.47: https://github.com/alibaba/fastjson, Apache 2.0
+ Apache: fastjson 1.2.58: https://github.com/alibaba/fastjson, Apache 2.0
Apache: netty-tcnative-boringssl-static 2.0.26: https://github.com/netty/netty-tcnative, Apache 2.0
========================================================================
@@ -310,7 +310,7 @@
consul-client 1.2.6: https://github.com/rickfast/consul-client, Apache 2.0
okhttp 3.9.0: https://github.com/square/okhttp, Apache 2.0
prometheus client_java 0.6.0: https://github.com/prometheus/client_java, Apache 2.0
- nacos 1.0.0: https://github.com/alibaba/nacos, Apache 2.0
+ nacos 1.2.0: https://github.com/alibaba/nacos, Apache 2.0
proto files from istio/istio: https://github.com/istio/istio Apache 2.0
proto files from istio/api: https://github.com/istio/api Apache 2.0
proto files from envoyproxy/data-plane-api: https://github.com/envoyproxy/data-plane-api Apache 2.0
diff --git a/dist-material/release-docs/NOTICE b/dist-material/release-docs/NOTICE
index 9ea8d91..8fc161e 100755
--- a/dist-material/release-docs/NOTICE
+++ b/dist-material/release-docs/NOTICE
@@ -840,7 +840,7 @@
------
===========================================================================
-nacos-1.0.0 Notice
+nacos-1.2.0 Notice
===========================================================================
Nacos
Copyright 2018-2019 The Apache Software Foundation
diff --git a/oap-server/pom.xml b/oap-server/pom.xml
index e04ad5a..2261e30 100755
--- a/oap-server/pom.xml
+++ b/oap-server/pom.xml
@@ -78,7 +78,7 @@
<simpleclient.version>0.6.0</simpleclient.version>
<apollo.version>1.4.0</apollo.version>
<maven-docker-plugin.version>0.30.0</maven-docker-plugin.version>
- <nacos.version>1.0.0</nacos.version>
+ <nacos.version>1.2.0</nacos.version>
<curator.version>4.0.1</curator.version>
<curator-test.version>2.12.0</curator-test.version>
<etcd4j.version>2.17.0</etcd4j.version>
diff --git a/tools/dependencies/known-oap-backend-dependencies-es7.txt b/tools/dependencies/known-oap-backend-dependencies-es7.txt
index 5eda485..d7bb441 100755
--- a/tools/dependencies/known-oap-backend-dependencies-es7.txt
+++ b/tools/dependencies/known-oap-backend-dependencies-es7.txt
@@ -38,7 +38,7 @@
error_prone_annotations-2.3.2.jar
etcd4j-2.17.0.jar
failureaccess-1.0.1.jar
-fastjson-1.2.47.jar
+fastjson-1.2.58.jar
freemarker-2.3.28.jar
graphql-java-8.0.jar
graphql-java-tools-5.2.3.jar
@@ -116,9 +116,9 @@
lucene-spatial3d-8.0.0.jar
lucene-suggest-8.0.0.jar
minimal-json-0.9.5.jar
-nacos-api-1.0.0.jar
-nacos-client-1.0.0.jar
-nacos-common-1.0.0.jar
+nacos-api-1.2.0.jar
+nacos-client-1.2.0.jar
+nacos-common-1.2.0.jar
netty-3.10.5.Final.jar
netty-buffer-4.1.42.Final.jar
netty-codec-4.1.42.Final.jar
diff --git a/tools/dependencies/known-oap-backend-dependencies.txt b/tools/dependencies/known-oap-backend-dependencies.txt
index 58061ef..752cf11 100755
--- a/tools/dependencies/known-oap-backend-dependencies.txt
+++ b/tools/dependencies/known-oap-backend-dependencies.txt
@@ -37,7 +37,7 @@
error_prone_annotations-2.3.2.jar
etcd4j-2.17.0.jar
failureaccess-1.0.1.jar
-fastjson-1.2.47.jar
+fastjson-1.2.58.jar
freemarker-2.3.28.jar
graphql-java-8.0.jar
graphql-java-tools-5.2.3.jar
@@ -114,9 +114,9 @@
lucene-spatial3d-7.3.1.jar
lucene-suggest-7.3.1.jar
minimal-json-0.9.5.jar
-nacos-api-1.0.0.jar
-nacos-client-1.0.0.jar
-nacos-common-1.0.0.jar
+nacos-api-1.2.0.jar
+nacos-client-1.2.0.jar
+nacos-common-1.2.0.jar
netty-3.10.5.Final.jar
netty-buffer-4.1.42.Final.jar
netty-codec-4.1.42.Final.jar