Skip to content

Commit

Permalink
Update snappy-java (#1687)
Browse files Browse the repository at this point in the history 
* Update snappy-java to fix vulnerability

snappy-java is an HTSJDK dependency that received a DoS CVE report last
week: GHSA-55g7-9cwv-5qfv
Also bump common-compress: https://commons.apache.org/proper/commons-compress/security.html
  • Loading branch information
@bbimber
bbimber authored Oct 6, 2023
1 parent 38dbd0e commit 85a0f0f
Showing 1 changed file with 2 additions and 2 deletions.
4 changes: 2 additions & 2 deletions build.gradle
View file
Original file line number Diff line number Diff line change
Expand Up @@ -30,8 +30,8 @@ jacocoTestReport {

dependencies {
implementation 'commons-logging:commons-logging:1.2'
implementation "org.xerial.snappy:snappy-java:1.1.10.1"
implementation "org.apache.commons:commons-compress:1.22"
implementation "org.xerial.snappy:snappy-java:1.1.10.5"
implementation "org.apache.commons:commons-compress:1.24.0"
implementation 'org.tukaani:xz:1.9'
implementation "org.json:json:20230618"

Expand Down

0 comments on commit 85a0f0f

Please sign in to comment.