Skip to content

Commit

Permalink
Upgrade com.fasterxml.jackson.core:jackson-databind:2.13.3 to v2.13.4 (
Browse files Browse the repository at this point in the history 
…#89)

* Upgrade com.fasterxml.jackson.core:jackson-databind:2.13.3 to v2.13.4.2 to address CVE-2022-42003 and CVE-2022-42004
  • Loading branch information
@dude0001
dude0001 authored Nov 1, 2022
1 parent 2912dad commit 42e70ed
Show file tree
Hide file tree
Showing 2 changed files with 4 additions and 1 deletion.
3 changes: 3 additions & 0 deletions README.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -482,6 +482,9 @@ public static String UriEncode(CharSequence input, boolean encodeSlash) {

### Release 1.1.5

- Update dependencies to address the following security vulnerabilities.
* CVE-2022-42003
* CVE-2022-42004
- Add support for multi-classloader environments, such as Apache Flink ([#36](https://github.com/aws/aws-msk-iam-auth/issues/36))

### Release 1.1.4
Expand Down
2 changes: 1 addition & 1 deletion build.gradle
View file
Original file line number Diff line number Diff line change
Expand Up @@ -48,7 +48,7 @@ dependencies {
implementation('software.amazon.awssdk:auth')
implementation('software.amazon.awssdk:sso')
implementation('software.amazon.awssdk:sts')
implementation('com.fasterxml.jackson.core:jackson-databind:2.13.3')
implementation('com.fasterxml.jackson.core:jackson-databind:2.13.4.2')
implementation('org.slf4j:slf4j-api:1.7.25')

runtimeOnly('software.amazon.awssdk:apache-client')
Expand Down

0 comments on commit 42e70ed

Please sign in to comment.