Skip to content

Commit

Permalink
Revert "Force-update netty to patch CVE-2024-47535"
Browse files Browse the repository at this point in the history 
Seems like we can't use that version yet?

This reverts commit bd21179.
  • Loading branch information
@Alexander01998
Alexander01998 committed Nov 13, 2024
1 parent febdd1b commit 005c31f
Showing 1 changed file with 1 addition and 3 deletions.
4 changes: 1 addition & 3 deletions build.gradle
View file
Original file line number Diff line number Diff line change
Expand Up @@ -30,13 +30,11 @@ repositories {
maven {url "https://maven.terraformersmc.com/releases/"}
}

// Override vulnerable dependencies until Minecraft updates to newer versions
// Override vulnerable msal4j dependency until Minecraft updates to a newer version
configurations.all {
resolutionStrategy {
// v1.15.0, used by Minecraft 1.21.2 and 1.21.3, is vulnerable to CVE-2024-35255
force 'com.microsoft.azure:msal4j:1.17.2'
// v4.1.97, used by Minecraft 1.21.2 and 1.21.3, is vulnerable to CVE-2024-47535
force 'io.netty:netty-common:4.1.115'
}
}

Expand Down

0 comments on commit 005c31f

Please sign in to comment.