From 7d3cac3406fb09e91071b5073b3248452d74e35a Mon Sep 17 00:00:00 2001 From: Damian Xu Date: Thu, 19 Oct 2023 15:20:39 -0700 Subject: [PATCH] bump netty-codec to 4.1.100 to remediate CVE-2023-44487 (#116) --- build.sbt | 3 ++- version.sbt | 2 +- 2 files changed, 3 insertions(+), 2 deletions(-) diff --git a/build.sbt b/build.sbt index 0f09c41..f5b4bcd 100644 --- a/build.sbt +++ b/build.sbt @@ -87,7 +87,8 @@ lazy val orchardWS = (project in file("orchard-ws")). "com.fasterxml.jackson.core" % "jackson-databind" % "2.15.2", "com.fasterxml.jackson.core" % "jackson-core" % "2.15.2", "com.fasterxml.jackson.module" %% "jackson-module-scala" % "2.15.2", - "com.google.guava" % "guava" % "32.1.1-jre" + "com.google.guava" % "guava" % "32.1.1-jre", + "io.netty" % "netty-codec" % "4.1.100.Final" ) ). dependsOn(orchardCore, orchardProviderAWS) diff --git a/version.sbt b/version.sbt index 4b2c306..7e36c35 100644 --- a/version.sbt +++ b/version.sbt @@ -1 +1 @@ -ThisBuild / version := "0.20.10" +ThisBuild / version := "0.20.11"