aceql-http icon indicating copy to clipboard operation
aceql-http copied to clipboard
verified publisher icon kawansoft

Version uplift to resolve CVE-2024-52317

Open granadacoder opened this issue 1 year ago • 3 comments

(to resolve CVE-2024-52317)

as seen here: https://mvnrepository.com/artifact/org.apache.tomcat.embed/tomcat-embed-core/9.0.95

	<dependency>
		<groupId>org.apache.tomcat.embed</groupId>
		<artifactId>tomcat-embed-core</artifactId>
		<version>9.0.98</version>
	</dependency>

	<dependency>
		<groupId>org.apache.tomcat</groupId>
		<artifactId>tomcat-jdbc</artifactId>
		<version>9.0.98</version>
	</dependency>

/* others below not related to CVE */

		<groupId>org.apache.commons</groupId>
		<artifactId>commons-lang3</artifactId>
		<version>3.17.0</version>

    <groupId>org.postgresql</groupId>
    <artifactId>postgresql</artifactId>
    <version>42.7.4</version>

granadacoder avatar Dec 27 '24 15:12 granadacoder

Originally seen here: https://github.com/kawansoft/aceql-http/pull/38

This PR would replace /38

granadacoder avatar Dec 27 '24 15:12 granadacoder

@ndepomereu thank you for your consideration and hopefully quick merge (and subsequent packaging/deployment)

granadacoder avatar Dec 27 '24 15:12 granadacoder

This is 2 months old now.

I am trying to help with the upkeep.

But I cannot merge.

granadacoder avatar Feb 26 '25 20:02 granadacoder