Skip to content

Commit

Permalink
hotfix: pin okio to 3.5.0 for CVE-2023-3635
Browse files Browse the repository at this point in the history 
 ✓  mavemuri@mavemuri-ndb-bld  ~/apic-cves  japi-compliance-checker -lib okio okio-3.0.0.jar okio-3.5.0.jar
Preparing, please wait ...
WARNING: set #1 version number to 3.0.0 (use --v1=NUM option to change it)
Using Java 11.0.14.1
Reading classes 3.0.0 ...
WARNING: empty dump
WARNING: set #2 version number to 3.5.0 (use --v2=NUM option to change it)
Reading classes 3.5.0 ...
WARNING: empty dump
Comparing classes ...
Creating compatibility report ...
Binary compatibility: 100%
Source compatibility: 100%
Total binary compatibility problems: 0, warnings: 0
Total source compatibility problems: 0, warnings: 0
  • Loading branch information
@mavemuri
mavemuri committed Sep 7, 2023
1 parent d337beb commit c8cad19
Showing 1 changed file with 11 additions and 0 deletions.
11 changes: 11 additions & 0 deletions pom.xml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -23,6 +23,7 @@
<protobuf.version>3.24.2</protobuf.version>
<testcontainers.version>1.19.0</testcontainers.version>
<kafka-libs.version>7.4.1</kafka-libs.version>
<okio.version>3.5.0</okio.version>
</properties>

<scm>
Expand Down Expand Up @@ -121,6 +122,16 @@
</exclusion>
</exclusions>
</dependency>
<dependency>
<groupId>com.squareup.okio</groupId>
<artifactId>okio</artifactId>
<version>${okio.version}</version>
</dependency>
<dependency>
<groupId>com.squareup.okio</groupId>
<artifactId>okio-jvm</artifactId>
<version>${okio.version}</version>
</dependency>
<dependency>
<groupId>org.apache.avro</groupId>
<artifactId>avro</artifactId>
Expand Down

0 comments on commit c8cad19

Please sign in to comment.