You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@camel.apache.org by nf...@apache.org on 2023/08/02 14:57:50 UTC
[camel] branch camel-3.x updated: CAMEL-19695: camel-google-bigquery - Bump org.json to 20230618 (#10967)
This is an automated email from the ASF dual-hosted git repository.
nfilotto pushed a commit to branch camel-3.x
in repository https://gitbox.apache.org/repos/asf/camel.git
The following commit(s) were added to refs/heads/camel-3.x by this push:
new dee37c785a8 CAMEL-19695: camel-google-bigquery - Bump org.json to 20230618 (#10967)
dee37c785a8 is described below
commit dee37c785a853a4037f5cffe8c01b74d96fef4d6
Author: Nicolas Filotto <es...@users.noreply.github.com>
AuthorDate: Wed Aug 2 16:57:44 2023 +0200
CAMEL-19695: camel-google-bigquery - Bump org.json to 20230618 (#10967)
## Motivation
The component `camel-google-bigquery` indirectly depends on `org.json:json:jar:20200518:compile` which has a know CVE https://nvd.nist.gov/vuln/detail/CVE-2022-45688 that can be fixed by upgrading it to `20230227` or higher.
## Modifications:
* Add `org.json:json:20230618` to the dependencyManagement section
* Replace `org.json:json:20200518` with `org.json:json:20230618` in `camel-google-bigquery`
---
camel-dependencies/pom.xml | 1 +
components/camel-google/camel-google-bigquery/pom.xml | 8 ++++++++
parent/pom.xml | 6 ++++++
3 files changed, 15 insertions(+)
diff --git a/camel-dependencies/pom.xml b/camel-dependencies/pom.xml
index b8c4f072aa0..ab8aeb1e4f4 100644
--- a/camel-dependencies/pom.xml
+++ b/camel-dependencies/pom.xml
@@ -348,6 +348,7 @@
<jslt-version>0.1.11</jslt-version>
<jsmpp-version>2.3.11</jsmpp-version>
<json-api>1.0</json-api>
+ <json-org-version>20230618</json-org-version>
<json-patch-version>1.13</json-patch-version>
<json-path-version>2.8.0</json-path-version>
<json-schema-validator-version>2.2.14</json-schema-validator-version>
diff --git a/components/camel-google/camel-google-bigquery/pom.xml b/components/camel-google/camel-google-bigquery/pom.xml
index fe344a343dc..df1f9a5ccd2 100644
--- a/components/camel-google/camel-google-bigquery/pom.xml
+++ b/components/camel-google/camel-google-bigquery/pom.xml
@@ -76,8 +76,16 @@
<groupId>com.google.code.findbugs</groupId>
<artifactId>jsr305</artifactId>
</exclusion>
+ <exclusion>
+ <groupId>org.json</groupId>
+ <artifactId>json</artifactId>
+ </exclusion>
</exclusions>
</dependency>
+ <dependency>
+ <groupId>org.json</groupId>
+ <artifactId>json</artifactId>
+ </dependency>
<dependency>
<groupId>org.apache.camel</groupId>
diff --git a/parent/pom.xml b/parent/pom.xml
index f2dcb739943..e8a626c6589 100644
--- a/parent/pom.xml
+++ b/parent/pom.xml
@@ -334,6 +334,7 @@
<jsmpp-version>2.3.11</jsmpp-version>
<jsch-version>0.2.1</jsch-version>
<json-api>1.0</json-api>
+ <json-org-version>20230618</json-org-version>
<jsonassert-version>1.5.1</jsonassert-version>
<json-path-version>2.8.0</json-path-version>
<json-patch-version>1.13</json-patch-version>
@@ -3234,6 +3235,11 @@
<artifactId>jaxp-ri</artifactId>
<version>1.4.5</version>
</dependency>
+ <dependency>
+ <groupId>org.json</groupId>
+ <artifactId>json</artifactId>
+ <version>${json-org-version}</version>
+ </dependency>
<!-- logging -->
<dependency>