Skip to content

Commit

Permalink
NO_ISSUE: Overriding commons-compress version to fix CVE-2023-42503 p…
Browse files Browse the repository at this point in the history 
…resent in 1.22
  • Loading branch information
@pefernan
pefernan committed Oct 30, 2023
1 parent c19060f commit 27e4445
Showing 1 changed file with 8 additions and 0 deletions.
8 changes: 8 additions & 0 deletions kogito-build/kogito-dependencies-bom/pom.xml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -126,6 +126,7 @@
<version.com.github.stephenc.jcip>1.0-1</version.com.github.stephenc.jcip>
<version.black.ninia>4.1.1</version.black.ninia>
<version.com.google.guava>32.0.1-jre</version.com.google.guava>
<version.apache.commons.commons-compress>1.24.0</version.apache.commons.commons-compress>
</properties>

<dependencyManagement>
Expand All @@ -136,6 +137,13 @@
<artifactId>guava</artifactId>
<version>${version.com.google.guava}</version>
</dependency>

<dependency>
<groupId>org.apache.commons</groupId>
<artifactId>commons-compress</artifactId>
<version>${version.apache.commons.commons-compress}</version>
</dependency>

<dependency>
<groupId>org.slf4j</groupId>
<artifactId>slf4j-api</artifactId>
Expand Down

0 comments on commit 27e4445

Please sign in to comment.