Skip to content

Commit

Permalink
Upgrade JSON to 20231013 to fix CVE-2023-5072
Browse files Browse the repository at this point in the history
Signed-off-by: Peng Huo <[email protected]>
  • Loading branch information
penghuo committed Dec 11, 2023
1 parent ddb2a21 commit 8ac6981
Show file tree
Hide file tree
Showing 6 changed files with 6 additions and 6 deletions.
2 changes: 1 addition & 1 deletion legacy/build.gradle
Original file line number Diff line number Diff line change
Expand Up @@ -89,7 +89,7 @@ dependencies {
}
}
implementation group: 'com.google.guava', name: 'guava', version: '32.0.1-jre'
implementation group: 'org.json', name: 'json', version:'20230227'
implementation group: 'org.json', name: 'json', version:'20231013'
implementation group: 'org.apache.commons', name: 'commons-lang3', version: '3.12.0'
implementation group: 'org.opensearch', name: 'opensearch', version: "${opensearch_version}"
// add geo module as dependency. https://github.com/opensearch-project/OpenSearch/pull/4180/.
Expand Down
2 changes: 1 addition & 1 deletion opensearch/build.gradle
Original file line number Diff line number Diff line change
Expand Up @@ -35,7 +35,7 @@ dependencies {
implementation group: 'com.fasterxml.jackson.core', name: 'jackson-core', version: "${versions.jackson}"
implementation group: 'com.fasterxml.jackson.core', name: 'jackson-databind', version: "${versions.jackson_databind}"
implementation group: 'com.fasterxml.jackson.dataformat', name: 'jackson-dataformat-cbor', version: "${versions.jackson}"
implementation group: 'org.json', name: 'json', version:'20230227'
implementation group: 'org.json', name: 'json', version:'20231013'
compileOnly group: 'org.opensearch.client', name: 'opensearch-rest-high-level-client', version: "${opensearch_version}"
implementation group: 'org.opensearch', name:'opensearch-ml-client', version: "${opensearch_build}"

Expand Down
2 changes: 1 addition & 1 deletion ppl/build.gradle
Original file line number Diff line number Diff line change
Expand Up @@ -48,7 +48,7 @@ dependencies {

implementation "org.antlr:antlr4-runtime:4.7.1"
implementation group: 'com.google.guava', name: 'guava', version: '32.0.1-jre'
api group: 'org.json', name: 'json', version: '20230227'
api group: 'org.json', name: 'json', version: '20231013'
implementation group: 'org.apache.logging.log4j', name: 'log4j-core', version:'2.20.0'
api project(':common')
api project(':core')
Expand Down
2 changes: 1 addition & 1 deletion prometheus/build.gradle
Original file line number Diff line number Diff line change
Expand Up @@ -22,7 +22,7 @@ dependencies {
implementation group: 'com.fasterxml.jackson.core', name: 'jackson-core', version: "${versions.jackson}"
implementation group: 'com.fasterxml.jackson.core', name: 'jackson-databind', version: "${versions.jackson_databind}"
implementation group: 'com.fasterxml.jackson.dataformat', name: 'jackson-dataformat-cbor', version: "${versions.jackson}"
implementation group: 'org.json', name: 'json', version: '20230227'
implementation group: 'org.json', name: 'json', version: '20231013'

testImplementation('org.junit.jupiter:junit-jupiter:5.6.2')
testImplementation group: 'org.hamcrest', name: 'hamcrest-library', version: '2.1'
Expand Down
2 changes: 1 addition & 1 deletion spark/build.gradle
Original file line number Diff line number Diff line change
Expand Up @@ -47,7 +47,7 @@ dependencies {
implementation project(':datasources')

implementation group: 'org.opensearch', name: 'opensearch', version: "${opensearch_version}"
implementation group: 'org.json', name: 'json', version: '20230227'
implementation group: 'org.json', name: 'json', version: '20231013'
api group: 'com.amazonaws', name: 'aws-java-sdk-emr', version: '1.12.545'
api group: 'com.amazonaws', name: 'aws-java-sdk-emrserverless', version: '1.12.545'
implementation group: 'commons-io', name: 'commons-io', version: '2.8.0'
Expand Down
2 changes: 1 addition & 1 deletion sql/build.gradle
Original file line number Diff line number Diff line change
Expand Up @@ -46,7 +46,7 @@ dependencies {

implementation "org.antlr:antlr4-runtime:4.7.1"
implementation group: 'com.google.guava', name: 'guava', version: '32.0.1-jre'
implementation group: 'org.json', name: 'json', version:'20230227'
implementation group: 'org.json', name: 'json', version:'20231013'
implementation project(':common')
implementation project(':core')
api project(':protocol')
Expand Down

0 comments on commit 8ac6981

Please sign in to comment.