74 lines
3.0 KiB
Diff
74 lines
3.0 KiB
Diff
|
diff --git a/distribution/server/src/assemble/LICENSE.bin.txt b/distribution/server/src/assemble/LICENSE.bin.txt
|
||
|
|
index 87c54acbe3..e32d3d9f43 100644
|
||
|
|
--- a/distribution/server/src/assemble/LICENSE.bin.txt
|
||
|
|
+++ b/distribution/server/src/assemble/LICENSE.bin.txt
|
||
|
|
@@ -462,10 +462,10 @@ The Apache Software License, Version 2.0
|
||
|
|
* Okio - com.squareup.okio-okio-2.8.0.jar
|
||
|
|
* Javassist -- org.javassist-javassist-3.25.0-GA.jar
|
||
|
|
* Kotlin Standard Lib
|
||
|
|
- - org.jetbrains.kotlin-kotlin-stdlib-1.4.32.jar
|
||
|
|
- - org.jetbrains.kotlin-kotlin-stdlib-common-1.4.32.jar
|
||
|
|
- - org.jetbrains.kotlin-kotlin-stdlib-jdk7-1.4.32.jar
|
||
|
|
- - org.jetbrains.kotlin-kotlin-stdlib-jdk8-1.4.32.jar
|
||
|
|
+ - org.jetbrains.kotlin-kotlin-stdlib-1.6.0.jar
|
||
|
|
+ - org.jetbrains.kotlin-kotlin-stdlib-common-1.6.0.jar
|
||
|
|
+ - org.jetbrains.kotlin-kotlin-stdlib-jdk7-1.6.0.jar
|
||
|
|
+ - org.jetbrains.kotlin-kotlin-stdlib-jdk8-1.6.0.jar
|
||
|
|
- org.jetbrains-annotations-13.0.jar
|
||
|
|
* gRPC
|
||
|
|
- io.grpc-grpc-all-1.45.1.jar
|
||
|
|
diff --git a/pom.xml b/pom.xml
|
||
|
|
index 52c1e587ad..5bdf7946f5 100644
|
||
|
|
--- a/pom.xml
|
||
|
|
+++ b/pom.xml
|
||
|
|
@@ -203,7 +203,7 @@ flexible messaging model and an intuitive client API.</description>
|
||
|
|
<!-- use okio version that matches the okhttp3 version -->
|
||
|
|
<okio.version>2.8.0</okio.version>
|
||
|
|
<!-- override kotlin-stdlib used by okio in order to address CVE-2020-29582 -->
|
||
|
|
- <kotlin-stdlib.version>1.4.32</kotlin-stdlib.version>
|
||
|
|
+ <kotlin-stdlib.version>1.6.0</kotlin-stdlib.version>
|
||
|
|
<nsq-client.version>1.0</nsq-client.version>
|
||
|
|
<cron-utils.version>9.1.6</cron-utils.version>
|
||
|
|
<spring-context.version>5.3.19</spring-context.version>
|
||
|
|
diff --git a/src/owasp-dependency-check-suppressions.xml b/src/owasp-dependency-check-suppressions.xml
|
||
|
|
index 201a23baa0..07300d2601 100644
|
||
|
|
--- a/src/owasp-dependency-check-suppressions.xml
|
||
|
|
+++ b/src/owasp-dependency-check-suppressions.xml
|
||
|
|
@@ -60,36 +60,6 @@
|
||
|
|
<vulnerabilityName regex="true">.*</vulnerabilityName>
|
||
|
|
</suppress>
|
||
|
|
|
||
|
|
- <!-- see https://github.com/apache/pulsar/pull/14629-->
|
||
|
|
- <suppress>
|
||
|
|
- <notes><![CDATA[
|
||
|
|
- file name: kotlin-stdlib-common-1.4.32.jar
|
||
|
|
- ]]></notes>
|
||
|
|
- <sha1>ef50bfa2c0491a11dcc35d9822edbfd6170e1ea2</sha1>
|
||
|
|
- <cpe>cpe:/a:jetbrains:kotlin</cpe>
|
||
|
|
- </suppress>
|
||
|
|
- <suppress>
|
||
|
|
- <notes><![CDATA[
|
||
|
|
- file name: kotlin-stdlib-jdk7-1.4.32.jar
|
||
|
|
- ]]></notes>
|
||
|
|
- <sha1>3546900a3ebff0c43f31190baf87a9220e37b7ea</sha1>
|
||
|
|
- <cve>CVE-2022-24329</cve>
|
||
|
|
- </suppress>
|
||
|
|
- <suppress>
|
||
|
|
- <notes><![CDATA[
|
||
|
|
- file name: kotlin-stdlib-jdk8-1.4.32.jar
|
||
|
|
- ]]></notes>
|
||
|
|
- <sha1>3302f9ec8a5c1ed220781dbd37770072549bd333</sha1>
|
||
|
|
- <cve>CVE-2022-24329</cve>
|
||
|
|
- </suppress>
|
||
|
|
- <suppress>
|
||
|
|
- <notes><![CDATA[
|
||
|
|
- file name: kotlin-stdlib-1.4.32.jar
|
||
|
|
- ]]></notes>
|
||
|
|
- <sha1>461367948840adbb0839c51d91ed74ef4a9ccb52</sha1>
|
||
|
|
- <cve>CVE-2022-24329</cve>
|
||
|
|
- </suppress>
|
||
|
|
-
|
||
|
|
<!-- see https://github.com/alibaba/canal/issues/4010 -->
|
||
|
|
<suppress>
|
||
|
|
<notes><![CDATA[
|