From 84f738067212f6e1eda390478978e828159e8deb Mon Sep 17 00:00:00 2001 From: Jonathan Roques Date: Tue, 1 Oct 2024 14:28:26 +0200 Subject: [PATCH] other(cve): Fix CVE-2024-7254 --- .gitignore | 3 +++ bundle/camunda-saas-bundle/pom.xml | 7 ------- connectors/pom.xml | 6 ++++++ parent/pom.xml | 6 ++++++ 4 files changed, 15 insertions(+), 7 deletions(-) diff --git a/.gitignore b/.gitignore index 93a8107e68..ed472caac9 100644 --- a/.gitignore +++ b/.gitignore @@ -1,3 +1,6 @@ +# Snyk cache +.dccache + # Compiled class file *.class diff --git a/bundle/camunda-saas-bundle/pom.xml b/bundle/camunda-saas-bundle/pom.xml index a31d166ec2..6179ebc81d 100644 --- a/bundle/camunda-saas-bundle/pom.xml +++ b/bundle/camunda-saas-bundle/pom.xml @@ -28,13 +28,6 @@ spring-boot-starter-oauth2-resource-server - - - com.google.protobuf - protobuf-java-util - 3.25.5 - - io.camunda.connector connector-gcp-secret-provider diff --git a/connectors/pom.xml b/connectors/pom.xml index c8e9e32085..e1ab6f86e6 100644 --- a/connectors/pom.xml +++ b/connectors/pom.xml @@ -41,6 +41,12 @@ except in compliance with the proprietary license. + + + com.google.protobuf + protobuf-java-util + 3.25.5 + io.camunda.connector connector-validation diff --git a/parent/pom.xml b/parent/pom.xml index 5c8fdf464f..8255d58c96 100644 --- a/parent/pom.xml +++ b/parent/pom.xml @@ -480,6 +480,12 @@ limitations under the License. protobuf-java 3.25.5 + + + com.google.protobuf + protobuf-java-util + 3.25.5 + org.bouncycastle