Upgrade Versions - Fix Security Vulnerabilities #303

flamaral256 · 2024-06-03T12:31:48Z

No description provided.

ar · 2024-06-03T13:13:15Z

Please detail which security vulnerabilities this PR addresses.

flamaral256 · 2024-06-03T22:16:12Z

Vulnerabilities + upgrades in this pull request:

org.slf4j:slf4j-api
just upgrade version to last stable

ch.qos.logback:logback-classic
CVE-2023-6378

org.hibernate:hibernate-core
just upgrade version to last stable

org.eclipse.jetty:jetty-server
just upgrade version to last stable

org.jline:jline
Vulnerabilities from dependencies:
CVE-2023-35887

mysql:mysql-connector-java
Vulnerabilities from dependencies:
CVE-2022-3510
CVE-2022-3509
CVE-2022-3171

com.mchange:c3p0
just upgrade version to last stable

org.elasticsearch.client:elasticsearch-rest-high-level-client
Vulnerabilities from dependencies:
CVE-2024-23450
CVE-2023-46673
CVE-2023-31419
CVE-2023-31418
CVE-2023-31417
CVE-2022-23710
CVE-2022-23708

flamaral256 added 2 commits June 3, 2024 08:48

Fix libraries.gradle vulnerabilities

9977da4

Update libraries.gradle

f707b49

Update libraries.gradle logback

f01758f

ar approved these changes Jun 5, 2024

View reviewed changes

ar merged commit b03d77b into jpos:master Jun 5, 2024

flamaral256 deleted the patch-1 branch June 5, 2024 19:06

Provide feedback