Skip to content
Snippets Groups Projects
Commit d11e04e4 authored by Derek Zhang's avatar Derek Zhang
Browse files

Merge branch 'cve-fix' into 'master'

fix: nimbus and commons-io cve

See merge request !503
parents 3fb2ecaf 6b33011d
No related branches found
No related tags found
1 merge request!503fix: nimbus and commons-io cve
Pipeline #291809 failed
......@@ -307,7 +307,6 @@ BSD-2-Clause
The following software have components provided under the terms of this license:
- Apache Log4j Core (from https://repo1.maven.org/maven2/org/apache/logging/log4j/log4j-core)
- Hamcrest (from http://hamcrest.org/JavaHamcrest/)
- Hamcrest Core (from http://hamcrest.org/, http://hamcrest.org/JavaHamcrest/, https://repo1.maven.org/maven2/org/hamcrest/hamcrest-core)
- HdrHistogram (from http://hdrhistogram.github.io/HdrHistogram/)
- Jodd Util (from https://util.jodd.org)
......@@ -454,6 +453,7 @@ The following software have components provided under the terms of this license:
- JUnit Platform Engine API (from http://junit.org/junit5/, https://junit.org/junit5/)
- Jakarta Activation API (from https://github.com/eclipse-ee4j/jaf, https://github.com/jakartaee/jaf-api, https://repo1.maven.org/maven2/jakarta/activation/jakarta.activation-api)
- Jakarta Annotations API (from https://projects.eclipse.org/projects/ee4j.ca)
- Jakarta Dependency Injection (from https://github.com/eclipse-ee4j/injection-api)
- Jakarta Expression Language API (from https://projects.eclipse.org/projects/ee4j.el)
- Jakarta Messaging API (from https://projects.eclipse.org/projects/ee4j.jms)
- Jakarta RESTful WS API (from https://github.com/eclipse-ee4j/jaxrs-api, https://repo1.maven.org/maven2/jakarta/ws/rs/jakarta.ws.rs-api)
......@@ -482,6 +482,7 @@ The following software have components provided under the terms of this license:
- Jackson-core (from http://wiki.fasterxml.com/JacksonHome, https://github.com/FasterXML/jackson-core)
- Jakarta Activation API (from https://github.com/eclipse-ee4j/jaf, https://github.com/jakartaee/jaf-api, https://repo1.maven.org/maven2/jakarta/activation/jakarta.activation-api)
- Jakarta Annotations API (from https://projects.eclipse.org/projects/ee4j.ca)
- Jakarta Dependency Injection (from https://github.com/eclipse-ee4j/injection-api)
- Jakarta Expression Language API (from https://projects.eclipse.org/projects/ee4j.el)
- Jakarta Messaging API (from https://projects.eclipse.org/projects/ee4j.jms)
- Jakarta RESTful WS API (from https://github.com/eclipse-ee4j/jaxrs-api, https://repo1.maven.org/maven2/jakarta/ws/rs/jakarta.ws.rs-api)
......@@ -502,7 +503,6 @@ ISC
========================================================================
The following software have components provided under the terms of this license:
- Java Native Access Platform (from https://github.com/java-native-access/jna)
- Spring Security - Core (from http://spring.io/spring-security, https://repo1.maven.org/maven2/org/springframework/security/spring-security-core, https://spring.io/projects/spring-security, https://spring.io/spring-security)
========================================================================
......@@ -524,6 +524,7 @@ LGPL-2.1-or-later
The following software have components provided under the terms of this license:
- Java Native Access (from https://github.com/java-native-access/jna, https://github.com/twall/jna)
- Java Native Access Platform (from https://github.com/java-native-access/jna)
- Javassist (from http://www.javassist.org/, https://www.javassist.org/)
========================================================================
......@@ -651,7 +652,6 @@ public-domain
========================================================================
The following software have components provided under the terms of this license:
- HdrHistogram (from http://hdrhistogram.github.io/HdrHistogram/)
- JBoss Logging 3 (from http://www.jboss.org)
- JSON in Java (from https://github.com/douglascrockford/JSON-java)
- PostgreSQL JDBC Driver
......@@ -107,7 +107,7 @@
<dependency>
<groupId>commons-io</groupId>
<artifactId>commons-io</artifactId>
<version>2.11.0</version>
<version>2.14.0</version>
<scope>compile</scope>
</dependency>
<dependency>
......
......@@ -92,7 +92,7 @@
<dependency>
<groupId>com.nimbusds</groupId>
<artifactId>nimbus-jose-jwt</artifactId>
<version>8.2</version>
<version>9.37.2</version>
<exclusions>
<exclusion>
<groupId>net.minidev</groupId>
......
0% Loading or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment