Skip to content

Commit

Permalink
[PRODSEC-7375] activemq version bump, fixing CVE-2023-46604
Browse files Browse the repository at this point in the history
  • Loading branch information
kcichonczyk committed Nov 14, 2023
1 parent 410f042 commit fb3456f
Showing 1 changed file with 14 additions and 0 deletions.
14 changes: 14 additions & 0 deletions pom.xml
Original file line number Diff line number Diff line change
Expand Up @@ -184,6 +184,20 @@
<artifactId>snakeyaml</artifactId>
<version>${dependency.snakeyaml.version}</version>
</dependency>

<!-- PRODSEC-7375 / CVE-2023-46604-->
<!-- Both dependencies can be removed once spring-boot-starter-activemq has secure versions of those dependencies-->
<dependency>
<groupId>org.apache.activemq</groupId>
<artifactId>activemq-client</artifactId>
<version>5.18.3</version>
</dependency>
<dependency>
<groupId>org.apache.activemq</groupId>
<artifactId>activemq-client-jakarta</artifactId>
<version>5.18.3</version>
</dependency>

</dependencies>
</dependencyManagement>

Expand Down

0 comments on commit fb3456f

Please sign in to comment.