Bump dnsjava:dnsjava from 3.4.0 to 3.6.0 in /hadoop-project

[dependabot]

Bumps dnsjava:dnsjava from 3.4.0 to 3.6.0.

Release notes

Sourced from dnsjava:dnsjava's releases.

v3.6.0

• Fix CVE-2024-25638 (GHSA-cfxw-4h78-h7fw) Lookup and LookupSession do not sanitize input properly, allowing to smuggle additional responses, even with DNSSEC. I would like to thank Thomas Bellebaum from Fraunhofer AISEC (@​bellebaum) and Martin Schanzenbach (@​schanzen) for reporting and assisting me with this issue.
• Fix CVE-2023-50387 (GHSA-crjg-w57m-rqqf) Denial-of-Service Algorithmic Complexity Attacks (KeyTrap)
• Fix CVE-2023-50868 (GHSA-mmwx-rj87-vfgr) NSEC3 closest encloser proof can exhaust CPU resources (KeyTrap)
• Fix running all DNSSEC on the specified executor
• Add new DNSSEC algorithm constants for SM2SM3 and ECC-GOST12
• Add A/AAAA record constructor with IP address byte array
• Validate DS record digest lengths (#250)
• Fix NPE in SimpleResolver on invalid responses (#277)
• Add support for JEP 418: Internet-Address Resolution SPI (#290)
• Full JPMS support (#246)
• Pluggable I/O for SimpleResolver (@​chrisruffalo, #253)
• UDP port leak in SimpleResolver (#318)
• Fix clean shutdown in app containers when never used (#319)
• Fix concurrency issue in I/O clients (#315, #323)
• LookupSession doesn't cache CNAMEs (#316)
• SimpleResolver can fail with UPDATE response (#322)
• Replace synchronization in Zone with locks (#305, based on work from @​srijeet0406 in #306)

v3.5.3

• Fix CNAME in LookupSession (#279)
• Fix Name constructor failing with max length, relative name and root origin (#289, @​MMauro94)
• Add config option for Resolver I/O timeout (#273, @​vmarian2)
• Extend I/O logging
• Prevent exception during TCP I/O with missing or truncated length prefix
• Use internal base64 codec for Android compatibility (#271)
• Fix multi-message TSIG stream verification for pre-RFC8945 servers (#295, @​frankarinnet and @​nguichon)
• Add StreamGenerator for generating RFC8945 compliant multi-message streams (related to #295)

v3.5.2

• Correctly render empty TXT records (#254)
• More validation on TLSA data input (#257)

v3.5.1

• Fix validation of TSIG signed responses (#249)
• DS rdata digest validation hexadecimal digits (#252)

v3.5.0

• Add full built-in support for DNSSEC based on dnssecjava (#209)
• Make Record classes serializable again (#242)
• Allow SVCB ServiceMode records without params (#244, @​adam-stoler)
• Fix TCPClient receive timeouts (#218 @​nguydavi, #219)

Note that the license changed! Previous versions were BSD-2-Clause licensed, while from this release on it is BSD-3-Clause.

... (truncated)

Changelog

Sourced from dnsjava:dnsjava's changelog.

07/21/2024

• 3.6.0 released
• Fix CVE-2024-25638 (GHSA-cfxw-4h78-h7fw) Lookup and LookupSession do not sanitize input properly, allowing to smuggle additional responses, even with DNSSEC. I would like to thank Thomas Bellebaum from Fraunhofer AISEC (@​bellebaum) and Martin Schanzenbach (@​schanzen) for reporting and assisting me with this issue.
• Fix CVE-2023-50387 (GHSA-crjg-w57m-rqqf) Denial-of-Service Algorithmic Complexity Attacks (KeyTrap)
• Fix CVE-2023-50868 (GHSA-mmwx-rj87-vfgr) NSEC3 closest encloser proof can exhaust CPU resources (KeyTrap)
• Fix running all DNSSEC on the specified executor
• Add new DNSSEC algorithm constants for SM2SM3 and ECC-GOST12
• Add A/AAAA record constructor with IP address byte array
• Validate DS record digest lengths (#250)
• Fix NPE in SimpleResolver on invalid responses (#277)
• Add support for JEP 418: Internet-Address Resolution SPI (#290)
• Full JPMS support (#246)
• Pluggable I/O for SimpleResolver (@​chrisruffalo, #253)
• UDP port leak in SimpleResolver (#318)
• Fix clean shutdown in app containers when never used (#319)
• Fix concurrency issue in I/O clients (#315, #323)
• LookupSession doesn't cache CNAMEs (#316)
• SimpleResolver can fail with UPDATE response (#322)
• Replace synchronization in Zone with locks (#305, based on work from @​srijeet0406 in #306)

11/11/2023

• 3.5.3 released
• Fix CNAME in LookupSession (#279)
• Fix Name constructor failing with max length, relative name and root origin (#289, @​MMauro94)
• Add config option for Resolver I/O timeout (#273, @​vmarian2)
• Extend I/O logging
• Prevent exception during TCP I/O with missing or truncated length prefix
• Use internal base64 codec for Android compatibility (#271)
• Fix multi-message TSIG stream verification for pre-RFC8945 servers (#295, @​frankarinnet and @​nguichon)
• Add StreamGenerator for generating RFC8945 compliant multi-message streams (related to #295)

11/16/2022

• 3.5.2 released
• Correctly render empty TXT records (#254)
• More validation on TLSA data input (#257)

05/15/2022

... (truncated)

Commits

• fd1d7c9 Release v3.6.0
• 9fbab85 Artifact v4 fixes
• bc51df1 Fix links to RFCs and IANA registries
• 5b01f5d Update dependencies
• 2f9b45b Replace synchronization in Zone with locks
• e206796 Add AAAARecord ctor with byte[]
• a24a6bf DDNS response messages do not include the question
• 36ba711 Prevent exceptions during concurrent selector runs
• b842550 Remove junit-pioneer due to lack of Java 8 support
• 711af79 CVE-2023-50868 / KeyTrap: NSEC3 closest encloser proof can exhaust CPU
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  You can disable automated security fix PRs for this repo from the Security Alerts page.

[hadoop-yetus]

💔 -1 overall

Vote	Subsystem	Runtime	Logfile	Comment
+0 🆗	reexec	11m 48s		Docker mode activated.
			_ Prechecks _
+1 💚	dupname	0m 0s		No case conflicting files found.
+0 🆗	codespell	0m 0s		codespell was not available.
+0 🆗	detsecrets	0m 0s		detect-secrets was not available.
+0 🆗	xmllint	0m 0s		xmllint was not available.
+1 💚	@author	0m 0s		The patch does not contain any @author tags.
-1 ❌	test4tests	0m 0s		The patch doesn't appear to include any new or modified tests. Please justify why no new tests are needed for this patch. Also please list what manual steps were performed to verify this patch.
			_ trunk Compile Tests _
+1 💚	mvninstall	44m 37s		trunk passed
+1 💚	compile	0m 23s		trunk passed with JDK Ubuntu-11.0.23+9-post-Ubuntu-1ubuntu120.04.2
+1 💚	compile	0m 23s		trunk passed with JDK Private Build-1.8.0_412-8u412-ga-1~20.04.1-b08
+1 💚	mvnsite	0m 29s		trunk passed
+1 💚	javadoc	0m 27s		trunk passed with JDK Ubuntu-11.0.23+9-post-Ubuntu-1ubuntu120.04.2
+1 💚	javadoc	0m 24s		trunk passed with JDK Private Build-1.8.0_412-8u412-ga-1~20.04.1-b08
+1 💚	shadedclient	80m 46s		branch has no errors when building and testing our client artifacts.
			_ Patch Compile Tests _
+1 💚	mvninstall	0m 15s		the patch passed
+1 💚	compile	0m 14s		the patch passed with JDK Ubuntu-11.0.23+9-post-Ubuntu-1ubuntu120.04.2
+1 💚	javac	0m 14s		the patch passed
+1 💚	compile	0m 14s		the patch passed with JDK Private Build-1.8.0_412-8u412-ga-1~20.04.1-b08
+1 💚	javac	0m 14s		the patch passed
+1 💚	blanks	0m 0s		The patch has no blanks issues.
+1 💚	mvnsite	0m 16s		the patch passed
+1 💚	javadoc	0m 15s		the patch passed with JDK Ubuntu-11.0.23+9-post-Ubuntu-1ubuntu120.04.2
+1 💚	javadoc	0m 14s		the patch passed with JDK Private Build-1.8.0_412-8u412-ga-1~20.04.1-b08
-1 ❌	shadedclient	9m 14s		patch has errors when building and testing our client artifacts.
			_ Other Tests _
+1 💚	unit	0m 16s		hadoop-project in the patch passed.
+1 💚	asflicense	0m 35s		The patch does not generate ASF License warnings.
		105m 3s

Subsystem	Report/Notes
Docker	ClientAPI=1.46 ServerAPI=1.46 base: https://ci-hadoop.apache.org/job/hadoop-multibranch/job/PR-6955/1/artifact/out/Dockerfile
GITHUB PR	#6955
Optional Tests	dupname asflicense compile javac javadoc mvninstall mvnsite unit shadedclient codespell detsecrets xmllint
uname	Linux 8f59da171814 5.15.0-106-generic #116-Ubuntu SMP Wed Apr 17 09:17:56 UTC 2024 x86_64 x86_64 x86_64 GNU/Linux
Build tool	maven
Personality	dev-support/bin/hadoop.sh
git revision	trunk / f4aa08e
Default Java	Private Build-1.8.0_412-8u412-ga-1~20.04.1-b08
Multi-JDK versions	/usr/lib/jvm/java-11-openjdk-amd64:Ubuntu-11.0.23+9-post-Ubuntu-1ubuntu120.04.2 /usr/lib/jvm/java-8-openjdk-amd64:Private Build-1.8.0_412-8u412-ga-1~20.04.1-b08
Test Results	https://ci-hadoop.apache.org/job/hadoop-multibranch/job/PR-6955/1/testReport/
Max. process+thread count	552 (vs. ulimit of 5500)
modules	C: hadoop-project U: hadoop-project
Console output	https://ci-hadoop.apache.org/job/hadoop-multibranch/job/PR-6955/1/console
versions	git=2.25.1 maven=3.6.3
Powered by	Apache Yetus 0.14.0 https://yetus.apache.org

This message was automatically generated.

[pjfanning]

compile issues

[ERROR] Failed to execute goal org.apache.maven.plugins:maven-compiler-plugin:3.10.1:testCompile (default-testCompile) on project hadoop-registry: Compilation failure: Compilation failure: 
[ERROR] /Users/pj.fanning/code/hadoop/hadoop-common-project/hadoop-registry/src/test/java/org/apache/hadoop/registry/server/dns/TestRegistryDNS.java:[353,27] reference to OPTRecord is ambiguous
[ERROR]   both constructor OPTRecord(int,int,int,int,org.xbill.DNS.EDNSOption...) in org.xbill.DNS.OPTRecord and constructor OPTRecord(int,int,int,int,java.util.List<org.xbill.DNS.EDNSOption>) in org.xbill.DNS.OPTRecord match
[ERROR] /Users/pj.fanning/code/hadoop/hadoop-common-project/hadoop-registry/src/test/java/org/apache/hadoop/registry/server/dns/TestRegistryDNS.java:[395,27] reference to OPTRecord is ambiguous
[ERROR]   both constructor OPTRecord(int,int,int,int,org.xbill.DNS.EDNSOption...) in org.xbill.DNS.OPTRecord and constructor OPTRecord(int,int,int,int,java.util.List<org.xbill.DNS.EDNSOption>) in org.xbill.DNS.OPTRecord match
[ERROR] /Users/pj.fanning/code/hadoop/hadoop-common-project/hadoop-registry/src/test/java/org/apache/hadoop/registry/server/dns/TestRegistryDNS.java:[424,27] reference to OPTRecord is ambiguous
[ERROR]   both constructor OPTRecord(int,int,int,int,org.xbill.DNS.EDNSOption...) in org.xbill.DNS.OPTRecord and constructor OPTRecord(int,int,int,int,java.util.List<org.xbill.DNS.EDNSOption>) in org.xbill.DNS.OPTRecord match
[ERROR] /Users/pj.fanning/code/hadoop/hadoop-common-project/hadoop-registry/src/test/java/org/apache/hadoop/registry/server/dns/TestRegistryDNS.java:[595,27] reference to OPTRecord is ambiguous
[ERROR]   both constructor OPTRecord(int,int,int,int,org.xbill.DNS.EDNSOption...) in org.xbill.DNS.OPTRecord and constructor OPTRecord(int,int,int,int,java.util.List<org.xbill.DNS.EDNSOption>) in org.xbill.DNS.OPTRecord match

[dependabot]

Looks like dnsjava:dnsjava is up-to-date now, so this is no longer needed.