Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[Backport 3.28] Fix CVE #3084

Merged
merged 1 commit into from
Oct 23, 2023
Merged

[Backport 3.28] Fix CVE #3084

merged 1 commit into from
Oct 23, 2023

Conversation

c2c-bot-gis-ci
Copy link
Contributor

Backport of #3083

    Upgrade com.github.spotbugs:[email protected] to com.github.spotbugs:[email protected] to fix
    ✗ Out-of-bounds Write [High Severity][https://security.snyk.io/vuln/SNYK-JAVA-ORGAPACHEBCEL-3106013] in org.apache.bcel:[email protected]
      introduced by com.github.spotbugs:[email protected] > org.apache.bcel:[email protected]

    Upgrade io.sentry:[email protected] to io.sentry:[email protected] to fix

    Upgrade org.hibernate:[email protected] to org.hibernate:[email protected] to fix

    Upgrade org.json:json@20230227 to org.json:json@20231013 to fix
    ✗ Allocation of Resources Without Limits or Throttling (new) [High Severity][https://security.snyk.io/vuln/SNYK-JAVA-ORGJSON-5962464] in org.json:json@20230227
      introduced by org.json:json@20230227
@sbrunner sbrunner merged commit 9aa5f04 into 3.28 Oct 23, 2023
10 checks passed
@sbrunner sbrunner deleted the backport/3083-to-3.28 branch October 23, 2023 14:43
@sbrunner sbrunner added the security Security fixes label Sep 18, 2024
@sbrunner sbrunner added this to the 3.28.8 milestone Sep 18, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
security Security fixes
Projects
None yet
Development

Successfully merging this pull request may close these issues.

2 participants