aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorGerald Palfinger <gerald.palfinger@iaik.tugraz.at>2021-12-16 16:25:40 +0100
committerGerald Palfinger <gerald.palfinger@iaik.tugraz.at>2022-01-20 14:54:26 +0100
commit35c301bd555a0b790b2d6621ed2eff0f3bdbf400 (patch)
treef9087cb3c077fdd6f6140d3c5c0e6e64b171c4cd
parentf16b75cde0083d4325c702e152e9ade8c4725164 (diff)
downloadpdf-as-4-35c301bd555a0b790b2d6621ed2eff0f3bdbf400.tar.gz
pdf-as-4-35c301bd555a0b790b2d6621ed2eff0f3bdbf400.tar.bz2
pdf-as-4-35c301bd555a0b790b2d6621ed2eff0f3bdbf400.zip
Update commons-io
-rw-r--r--pdf-as-lib/build.gradle2
-rw-r--r--pdf-as-pdfbox-2/build.gradle2
-rw-r--r--pdf-as-web/build.gradle2
3 files changed, 4 insertions, 2 deletions
diff --git a/pdf-as-lib/build.gradle b/pdf-as-lib/build.gradle
index 6adbcc7e..cf15a9c8 100644
--- a/pdf-as-lib/build.gradle
+++ b/pdf-as-lib/build.gradle
@@ -70,7 +70,7 @@ dependencies {
api group: 'javax.xml.bind', name: 'jaxb-api', version: '2.3.1'
api group: 'com.google.code.gson', name: 'gson', version: '2.8.6'
api group: 'org.bitbucket.b_c', name: 'jose4j', version: '0.7.6'
- api group: 'commons-io', name: 'commons-io', version: '2.8'
+ api group: 'commons-io', name: 'commons-io', version: '2.8.0'
api group: 'org.glassfish.jaxb', name: 'jaxb-runtime', version: '2.3.3'
api 'org.apache.commons:commons-collections4:4.4'
api group: 'ognl', name: 'ognl', version: '3.2.19'
diff --git a/pdf-as-pdfbox-2/build.gradle b/pdf-as-pdfbox-2/build.gradle
index cb5ff296..606ebc70 100644
--- a/pdf-as-pdfbox-2/build.gradle
+++ b/pdf-as-pdfbox-2/build.gradle
@@ -36,7 +36,7 @@ dependencies {
api group: 'org.apache.pdfbox', name: 'pdfbox', version: '2.0.24'
api group: 'org.apache.pdfbox', name: 'pdfbox-tools', version: '2.0.24'
api group: 'org.apache.pdfbox', name: 'preflight', version: '2.0.24'
- implementation group: 'commons-io', name: 'commons-io', version: '2.8'
+ implementation group: 'commons-io', name: 'commons-io', version: '2.8.0'
implementation group: 'ognl', name: 'ognl', version: '3.2.19'
testImplementation group: 'junit', name: 'junit', version: '4.+'
diff --git a/pdf-as-web/build.gradle b/pdf-as-web/build.gradle
index 3d43861b..4752ed67 100644
--- a/pdf-as-web/build.gradle
+++ b/pdf-as-web/build.gradle
@@ -52,6 +52,8 @@ dependencies {
api project (':pdf-as-web-status')
api project (':pdf-as-web-statistic-api')
api group: 'commons-fileupload', name: 'commons-fileupload', version: '1.4'
+ // Upgrade dependency of commons-fileupload from 2.2 to 2.8.0 to avoid CVE-2021-29425
+ api group: 'commons-io', name: 'commons-io', version: '2.8.0'
api group: 'opensymphony', name: 'sitemesh', version: '2.4.2'
api group: 'javax.xml.bind', name: 'jaxb-api', version: '2.3.1'
api group: 'javax.xml.ws', name: 'jaxws-api', version: '2.3.1'