Skip to content

Commit

Permalink
GH-44770: [Java] Update minor protobuf version to avoid CVE-2024-7254 (
Browse files Browse the repository at this point in the history 
…#44775)

### Rationale for this change

There seems to be a CVE affecting our current dependency:
GHSA-735f-pc8j-v9w8

### What changes are included in this PR?

Update to latest minor which solves the issue.

### Are these changes tested?

Via CI

### Are there any user-facing changes?

No
* GitHub Issue: #44770

Authored-by: Raúl Cumplido <raulcumplido@gmail.com>
Signed-off-by: David Li <li.davidm96@gmail.com>
  • Loading branch information
@raulcd
raulcd authored Nov 18, 2024
1 parent ad75248 commit ea8b1d3
Showing 1 changed file with 1 addition and 1 deletion.
2 changes: 1 addition & 1 deletion java/pom.xml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -98,7 +98,7 @@ under the License.
<dep.guava-bom.version>33.3.1-jre</dep.guava-bom.version>
<dep.netty-bom.version>4.1.114.Final</dep.netty-bom.version>
<dep.grpc-bom.version>1.65.0</dep.grpc-bom.version>
<dep.protobuf-bom.version>3.25.4</dep.protobuf-bom.version>
<dep.protobuf-bom.version>3.25.5</dep.protobuf-bom.version>
<dep.jackson-bom.version>2.18.1</dep.jackson-bom.version>
<dep.hadoop.version>3.4.1</dep.hadoop.version>
<dep.fbs.version>24.3.25</dep.fbs.version>
Expand Down

0 comments on commit ea8b1d3

Please sign in to comment.