From 7e89f6e04e5ff50c4c250517a3b2e84847442ed2 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?=E2=80=9Cliuliaozhong=E2=80=9D?= <liuliaozhong@canway.net>
Date: Thu, 23 Feb 2023 17:36:51 +0800
Subject: [PATCH] =?UTF-8?q?bugfix:=20=E4=BF=AE=E5=A4=8Dlog4j1.x=E9=85=8D?=
 =?UTF-8?q?=E7=BD=AE=E4=BB=A3=E7=A0=81=E6=89=A7=E8=A1=8C=E6=BC=8F=E6=B4=9E?=
 =?UTF-8?q?(CVE-2021-4104)=20#1756?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 src/backend/build.gradle                                      | 4 ++++
 src/backend/job-execute/service-job-execute/build.gradle      | 4 ++--
 .../tencent/bk/job/execute/service/impl/LogServiceImpl.java   | 2 +-
 support-files/dependJarInfo/md5List.txt                       | 2 ++
 support-files/dependJarInfo/nameList.txt                      | 2 ++
 support-files/dependJarInfo/orgList.txt                       | 2 ++
 support-files/dependJarInfo/versionList.txt                   | 2 ++
 7 files changed, 15 insertions(+), 3 deletions(-)

diff --git a/src/backend/build.gradle b/src/backend/build.gradle
index b3bab50370..20b9527c0b 100644
--- a/src/backend/build.gradle
+++ b/src/backend/build.gradle
@@ -91,6 +91,8 @@ ext {
     // https://mvnrepository.com/artifact/org.apache.commons/commons-pool2
     set('apacheCommonsPoolVersion', "2.8.0")
     set('apacheCommonsCodecVersion', "1.14")
+    set('apacheCuratorFrameworkVersion', "5.4.0")
+    set('apacheCuratorRecipesVersion', "5.4.0")
     set('dozerVersion', "5.5.1")
     set('commonsCollectionsVersion', "3.2.2")
     set('jedisVersion', "3.0.1")
@@ -229,6 +231,8 @@ subprojects {
             dependency "io.springfox:springfox-swagger-ui:$swaggerVersion"
             dependency "org.apache.commons:commons-collections4:$apacheCommonsCollectionVersion"
             dependency "org.apache.commons:commons-pool2:$apacheCommonsPoolVersion"
+            dependency "org.apache.curator:curator-framework:$apacheCuratorFrameworkVersion"
+            dependency "org.apache.curator:curator-recipes:$apacheCuratorRecipesVersion"
             dependency "net.sf.dozer:dozer:$dozerVersion"
             dependency "commons-collections:commons-collections:$commonsCollectionsVersion"
             dependency "org.jedis:jedis:$jedisVersion"
diff --git a/src/backend/job-execute/service-job-execute/build.gradle b/src/backend/job-execute/service-job-execute/build.gradle
index d6598f4911..166a684efc 100644
--- a/src/backend/job-execute/service-job-execute/build.gradle
+++ b/src/backend/job-execute/service-job-execute/build.gradle
@@ -53,9 +53,9 @@ dependencies {
     implementation 'io.micrometer:micrometer-registry-prometheus'
     implementation "org.hibernate.validator:hibernate-validator"
     // https://mvnrepository.com/artifact/org.apache.curator/curator-framework
-    api(group: 'org.apache.curator', name: 'curator-framework', version: '5.1.0')
+    api(group: 'org.apache.curator', name: 'curator-framework')
     // https://mvnrepository.com/artifact/org.apache.curator/curator-recipes
-    api(group: 'org.apache.curator', name: 'curator-recipes', version: '5.1.0')
+    api(group: 'org.apache.curator', name: 'curator-recipes')
 
     testImplementation 'org.springframework.boot:spring-boot-starter-test'
     testImplementation 'org.apache.commons:commons-lang3'
diff --git a/src/backend/job-execute/service-job-execute/src/main/java/com/tencent/bk/job/execute/service/impl/LogServiceImpl.java b/src/backend/job-execute/service-job-execute/src/main/java/com/tencent/bk/job/execute/service/impl/LogServiceImpl.java
index 7647e6c621..1edeb4ed27 100644
--- a/src/backend/job-execute/service-job-execute/src/main/java/com/tencent/bk/job/execute/service/impl/LogServiceImpl.java
+++ b/src/backend/job-execute/service-job-execute/src/main/java/com/tencent/bk/job/execute/service/impl/LogServiceImpl.java
@@ -54,7 +54,7 @@
 import com.tencent.bk.job.logsvr.model.service.ServiceScriptLogQueryRequest;
 import lombok.extern.slf4j.Slf4j;
 import org.apache.commons.collections4.CollectionUtils;
-import org.apache.commons.lang.StringUtils;
+import org.apache.commons.lang3.StringUtils;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.stereotype.Service;
 
diff --git a/support-files/dependJarInfo/md5List.txt b/support-files/dependJarInfo/md5List.txt
index 3cb10756e2..2a1ffe0b88 100644
--- a/support-files/dependJarInfo/md5List.txt
+++ b/support-files/dependJarInfo/md5List.txt
@@ -35,6 +35,8 @@ a69448e8c1e24d989266083c301e354b
 fa752c3cb5474b05e14bf2ed7e242020
 040b4b4d8eac886f6b4a2a3bd2f31b00
 08c4c1bdf25e2e30c2615bc477c3b36c
+1fbff4f1b23cc418d1a4d9d0f12f93b5
+955750f1af38c1c2382b96e128810f99
 3b76e3e8bb6814dd418b058c6c8e1b3b
 54eec02e942f50ffea7e147f33cd85f7
 67beeee58df00366100061c7da82f4c2
diff --git a/support-files/dependJarInfo/nameList.txt b/support-files/dependJarInfo/nameList.txt
index 1c8974d965..b17f1e6b18 100644
--- a/support-files/dependJarInfo/nameList.txt
+++ b/support-files/dependJarInfo/nameList.txt
@@ -35,6 +35,8 @@ commons-lang
 commons-lang3
 commons-logging
 commons-pool2
+curator-framework
+curator-recipes
 consul-api
 dozer
 error_prone_annotations
diff --git a/support-files/dependJarInfo/orgList.txt b/support-files/dependJarInfo/orgList.txt
index 8ce39bec9a..e869b45881 100644
--- a/support-files/dependJarInfo/orgList.txt
+++ b/support-files/dependJarInfo/orgList.txt
@@ -35,6 +35,8 @@ commons-lang
 org.apache.commons
 commons-logging
 org.apache.commons
+org.apache.curator
+org.apache.curator
 com.ecwid.consul
 net.sf.dozer
 com.google.errorprone
diff --git a/support-files/dependJarInfo/versionList.txt b/support-files/dependJarInfo/versionList.txt
index 3d67a17ff8..b6de1b61df 100644
--- a/support-files/dependJarInfo/versionList.txt
+++ b/support-files/dependJarInfo/versionList.txt
@@ -35,6 +35,8 @@
 3.9
 1.2
 2.8.0
+5.4.0
+5.4.0
 1.4.1
 5.5.1
 2.3.4