Addresses CVE-2020-15522 and CVE-2020-26939. This can break builds with older maven shade plugins or other code using asm.jar which is not aware of recent java bytecodes and/or multi-release JARs. fix: use a later version of asm.jar Contributed by PJ Fanning
This commit is contained in:
parent
08760fc4c1
commit
cd856b7195
@ -451,8 +451,8 @@ com.microsoft.azure:azure-cosmosdb-gateway:2.4.5
|
|||||||
com.microsoft.azure:azure-data-lake-store-sdk:2.3.9
|
com.microsoft.azure:azure-data-lake-store-sdk:2.3.9
|
||||||
com.microsoft.azure:azure-keyvault-core:1.0.0
|
com.microsoft.azure:azure-keyvault-core:1.0.0
|
||||||
com.microsoft.sqlserver:mssql-jdbc:6.2.1.jre7
|
com.microsoft.sqlserver:mssql-jdbc:6.2.1.jre7
|
||||||
org.bouncycastle:bcpkix-jdk15on:1.60
|
org.bouncycastle:bcpkix-jdk15on:1.68
|
||||||
org.bouncycastle:bcprov-jdk15on:1.60
|
org.bouncycastle:bcprov-jdk15on:1.68
|
||||||
org.checkerframework:checker-qual:2.5.2
|
org.checkerframework:checker-qual:2.5.2
|
||||||
org.checkerframework:checker-qual:3.8.0
|
org.checkerframework:checker-qual:3.8.0
|
||||||
org.codehaus.mojo:animal-sniffer-annotations:1.17
|
org.codehaus.mojo:animal-sniffer-annotations:1.17
|
||||||
|
@ -106,7 +106,7 @@
|
|||||||
<guice.version>4.0</guice.version>
|
<guice.version>4.0</guice.version>
|
||||||
<joda-time.version>2.9.9</joda-time.version>
|
<joda-time.version>2.9.9</joda-time.version>
|
||||||
|
|
||||||
<bouncycastle.version>1.60</bouncycastle.version>
|
<bouncycastle.version>1.68</bouncycastle.version>
|
||||||
|
|
||||||
<!-- Required for testing LDAP integration -->
|
<!-- Required for testing LDAP integration -->
|
||||||
<apacheds.version>2.0.0-M21</apacheds.version>
|
<apacheds.version>2.0.0-M21</apacheds.version>
|
||||||
|
Loading…
Reference in New Issue
Block a user