From be3bc5c02256b778ed7693361983c8e45d90dd0d Mon Sep 17 00:00:00 2001 From: hindujaB Date: Thu, 21 Mar 2024 14:34:33 +0530 Subject: [PATCH] Update vulnerable versions --- bvm/ballerina-rt/build.gradle | 2 +- cli/ballerina-cli-module/build.gradle | 2 +- cli/ballerina-packerina/build.gradle | 2 +- distribution/zip/jballerina-tools/LICENSE | 2 +- distribution/zip/jballerina-tools/build.gradle | 2 +- distribution/zip/jballerina/LICENSE | 2 +- gradle/javaLibsProject.gradle | 2 +- gradle/javaProject.gradle | 6 +++--- language-server/modules/langserver-core/build.gradle | 2 +- misc/debug-adapter/modules/debug-adapter-core/build.gradle | 2 +- stdlib/grpc/src/main/ballerina/Ballerina.toml | 4 ++-- stdlib/http/src/main/ballerina/Ballerina.toml | 4 ++-- stdlib/mime/src/main/ballerina/Ballerina.toml | 4 ++-- stdlib/websub/src/main/ballerina/Ballerina.toml | 4 ++-- 14 files changed, 20 insertions(+), 20 deletions(-) diff --git a/bvm/ballerina-rt/build.gradle b/bvm/ballerina-rt/build.gradle index d72f50951eea..9fa91c7c6699 100644 --- a/bvm/ballerina-rt/build.gradle +++ b/bvm/ballerina-rt/build.gradle @@ -91,7 +91,7 @@ dependencies { dist 'io.opentracing:opentracing-util:0.33.0' dist 'org.awaitility:awaitility:3.1.6' dist 'org.hdrhistogram:HdrHistogram:2.1.10' - dist 'com.h2database:h2:1.4.199' + dist 'com.h2database:h2:2.2.220' dist 'org.hdrhistogram:HdrHistogram:2.1.10' // observability extensions diff --git a/cli/ballerina-cli-module/build.gradle b/cli/ballerina-cli-module/build.gradle index eebaea3ba72f..e16cfcc37c66 100644 --- a/cli/ballerina-cli-module/build.gradle +++ b/cli/ballerina-cli-module/build.gradle @@ -35,7 +35,7 @@ dependencies { implementation project(':toml-parser') implementation 'com.moandjiezana.toml:toml4j' implementation 'info.picocli:picocli' - implementation 'org.apache.commons:commons-compress:1.21' + implementation 'org.apache.commons:commons-compress:1.26.0' implementation 'me.tongfei:progressbar:0.7.4' implementation 'org.jline:jline:3.11.0' implementation 'javax.ws.rs:javax.ws.rs-api' diff --git a/cli/ballerina-packerina/build.gradle b/cli/ballerina-packerina/build.gradle index ae8b7962c4ef..91119dc94033 100644 --- a/cli/ballerina-packerina/build.gradle +++ b/cli/ballerina-packerina/build.gradle @@ -47,7 +47,7 @@ dependencies { implementation project(':maven-resolver') implementation 'com.moandjiezana.toml:toml4j' implementation 'info.picocli:picocli' - implementation 'org.apache.commons:commons-compress:1.21' + implementation 'org.apache.commons:commons-compress:1.26.0' testCompile 'org.testng:testng' testCompile 'com.moandjiezana.toml:toml4j' diff --git a/distribution/zip/jballerina-tools/LICENSE b/distribution/zip/jballerina-tools/LICENSE index 46e9bd581581..97a118321788 100644 --- a/distribution/zip/jballerina-tools/LICENSE +++ b/distribution/zip/jballerina-tools/LICENSE @@ -241,7 +241,7 @@ org.wso2.securevault-1.0.0-wso2v2.jar kubernetes.jar jar apache2 debug-adapter-core-1.1.0.jar jar apache2 debug-adapter-cli-1.1.0.jar jar apache2 -h2-1.4.199.jar bundle apache2 +h2-2.2.220.jar bundle apache2 org.eclipse.lsp4j-0.8.1.jar bundle epl1 commons-io-2.11.0.jar bundle apache2 language-server-stdio-launcher-1.1.0.jar jar apache2 diff --git a/distribution/zip/jballerina-tools/build.gradle b/distribution/zip/jballerina-tools/build.gradle index db2ccb0e8e31..6b20ec26f85a 100644 --- a/distribution/zip/jballerina-tools/build.gradle +++ b/distribution/zip/jballerina-tools/build.gradle @@ -77,7 +77,7 @@ dependencies { // dist 'org.ow2.asm:asm:6.2.1' dist 'com.fasterxml.woodstox:woodstox-core:6.5.0' dist 'org.codehaus.woodstox:stax2-api:4.2.1' - dist 'org.apache.commons:commons-compress:1.21' + dist 'org.apache.commons:commons-compress:1.26.0' dist 'me.tongfei:progressbar:0.7.4' dist 'org.jline:jline:3.11.0' diff --git a/distribution/zip/jballerina/LICENSE b/distribution/zip/jballerina/LICENSE index 30ed8700c4c5..626181198b16 100644 --- a/distribution/zip/jballerina/LICENSE +++ b/distribution/zip/jballerina/LICENSE @@ -241,7 +241,7 @@ org.wso2.securevault-1.0.0-wso2v2.jar kubernetes.jar jar apache2 debug-adapter-core-1.1.0.jar jar apache2 debug-adapter-cli-1.1.0.jar jar apache2 -h2-1.4.199.jar bundle apache2 +h2-2.2.220.jar bundle apache2 org.eclipse.lsp4j-0.8.1.jar bundle epl1 commons-io-2.11.0.jar bundle apache2 language-server-stdio-launcher-1.1.0.jar jar apache2 diff --git a/gradle/javaLibsProject.gradle b/gradle/javaLibsProject.gradle index f9f483494f34..fa5e2ff33a83 100644 --- a/gradle/javaLibsProject.gradle +++ b/gradle/javaLibsProject.gradle @@ -40,7 +40,7 @@ dependencies { dist 'org.wso2.securevault:org.wso2.securevault:1.0.0-wso2v2' dist 'org.wso2.transport.file:org.wso2.transport.local-file-system:6.0.55' dist 'org.wso2.transport.http:org.wso2.transport.http.netty:6.3.48' - dist 'org.bouncycastle:bcprov-jdk15on:1.69' + dist 'org.bouncycastle:bcprov-jdk15on:1.73' dist 'org.bouncycastle:bcpkix-jdk15on:1.61' dist 'info.picocli:picocli:4.0.1' diff --git a/gradle/javaProject.gradle b/gradle/javaProject.gradle index 3e2b671c14bd..5b35ab5d4f9d 100644 --- a/gradle/javaProject.gradle +++ b/gradle/javaProject.gradle @@ -37,7 +37,7 @@ dependencies { implementation 'com.atlassian.commonmark:commonmark-ext-gfm-tables:0.11.0' implementation 'com.fasterxml.jackson.core:jackson-databind:2.15.2' implementation 'com.fasterxml.jackson.dataformat:jackson-dataformat-yaml:2.15.2' - implementation 'com.h2database:h2:1.4.199' + implementation 'com.h2database:h2:2.2.220' implementation 'org.hsqldb:hsqldb:2.2.7' implementation 'com.wix:wix-embedded-mysql:4.6.1' implementation 'mysql:mysql-connector-java:8.0.19' @@ -62,7 +62,7 @@ dependencies { implementation 'org.apache.kafka:kafka-clients:2.8.2' implementation 'org.apache.kafka:kafka_2.13:2.8.2' implementation 'org.apache.avro:avro:1.9.2' - implementation 'org.apache.james:apache-mime4j-core:0.8.9' + implementation 'org.apache.james:apache-mime4j-core:0.8.10' implementation 'org.apache.mina:mina-core:2.0.16' implementation 'org.apache.maven:maven-plugin-api:3.6.0' implementation 'org.apache.maven.plugin-tools:maven-plugin-annotations:3.6.0' @@ -75,7 +75,7 @@ dependencies { implementation 'org.codehaus.woodstox:stax2-api:4.2.1' implementation 'org.awaitility:awaitility:3.1.6' implementation 'org.apache.thrift:libthrift:0.14.1' - implementation 'org.bouncycastle:bcprov-jdk15on:1.69' + implementation 'org.bouncycastle:bcprov-jdk15on:1.73' implementation 'org.bouncycastle:bcpkix-jdk15on:1.61' implementation 'org.bytedeco.javacpp-presets:llvm-platform:6.0.1-1.4.2' implementation 'org.codehaus.plexus:plexus-utils:3.0.8' diff --git a/language-server/modules/langserver-core/build.gradle b/language-server/modules/langserver-core/build.gradle index 21ec5aada46f..9cb009fe1232 100644 --- a/language-server/modules/langserver-core/build.gradle +++ b/language-server/modules/langserver-core/build.gradle @@ -143,7 +143,7 @@ dependencies { // baloImplementation project(path: ':ballerina-websub', configuration: 'baloImplementation') baloImplementation project(path: ':testerina:testerina-core', configuration: 'baloImplementation') - dependency 'com.h2database:h2:1.4.199' + dependency 'com.h2database:h2:2.2.220' dependency 'org.eclipse.lsp4j:org.eclipse.lsp4j:0.8.1' dependency 'org.eclipse.lsp4j:org.eclipse.lsp4j.jsonrpc:0.8.1' dependency 'commons-io:commons-io:2.11.0' diff --git a/misc/debug-adapter/modules/debug-adapter-core/build.gradle b/misc/debug-adapter/modules/debug-adapter-core/build.gradle index f03d09ed904d..eb1f5aa330c6 100755 --- a/misc/debug-adapter/modules/debug-adapter-core/build.gradle +++ b/misc/debug-adapter/modules/debug-adapter-core/build.gradle @@ -8,7 +8,7 @@ repositories { dependencies { implementation 'org.eclipse.lsp4j:org.eclipse.lsp4j.debug:0.8.1' implementation project(':ballerina-lang') - implementation 'org.apache.commons:commons-compress:1.21' + implementation 'org.apache.commons:commons-compress:1.26.0' implementation files(org.gradle.internal.jvm.Jvm.current().toolsJar) } diff --git a/stdlib/grpc/src/main/ballerina/Ballerina.toml b/stdlib/grpc/src/main/ballerina/Ballerina.toml index 8deb3203d154..4192af787418 100644 --- a/stdlib/grpc/src/main/ballerina/Ballerina.toml +++ b/stdlib/grpc/src/main/ballerina/Ballerina.toml @@ -112,8 +112,8 @@ target = "java8" [[platform.libraries]] artifactId = "bcprov-jdk15on" - version = "1.69" - path = "./lib/bcprov-jdk15on-1.69.jar" + version = "1.73" + path = "./lib/bcprov-jdk15on-1.73.jar" groupId = "org.bouncycastle" modules = ["grpc"] diff --git a/stdlib/http/src/main/ballerina/Ballerina.toml b/stdlib/http/src/main/ballerina/Ballerina.toml index aa397ad200fa..3edcfb9b55a8 100644 --- a/stdlib/http/src/main/ballerina/Ballerina.toml +++ b/stdlib/http/src/main/ballerina/Ballerina.toml @@ -105,8 +105,8 @@ target = "java8" [[platform.libraries]] artifactId = "bcprov-jdk15on" - version = "1.69" - path = "./lib/bcprov-jdk15on-1.69.jar" + version = "1.73" + path = "./lib/bcprov-jdk15on-1.73.jar" groupId = "org.bouncycastle" modules = ["http"] diff --git a/stdlib/mime/src/main/ballerina/Ballerina.toml b/stdlib/mime/src/main/ballerina/Ballerina.toml index 7c0c7d1f3e7e..cc02ab0c82ca 100644 --- a/stdlib/mime/src/main/ballerina/Ballerina.toml +++ b/stdlib/mime/src/main/ballerina/Ballerina.toml @@ -112,8 +112,8 @@ target = "java8" [[platform.libraries]] artifactId = "bcprov-jdk15on" - version = "1.69" - path = "./lib/bcprov-jdk15on-1.69.jar" + version = "1.73" + path = "./lib/bcprov-jdk15on-1.73.jar" groupId = "org.bouncycastle" modules = ["mime"] diff --git a/stdlib/websub/src/main/ballerina/Ballerina.toml b/stdlib/websub/src/main/ballerina/Ballerina.toml index ff347bcf0a14..b3fb1e6ad99b 100644 --- a/stdlib/websub/src/main/ballerina/Ballerina.toml +++ b/stdlib/websub/src/main/ballerina/Ballerina.toml @@ -105,8 +105,8 @@ target = "java8" [[platform.libraries]] artifactId = "bcprov-jdk15on" - version = "1.69" - path = "./lib/bcprov-jdk15on-1.69.jar" + version = "1.73" + path = "./lib/bcprov-jdk15on-1.73.jar" groupId = "org.bouncycastle" modules = ["web-sub"]