From 73cd6039a89411666a8634910e58f82290ea18cd Mon Sep 17 00:00:00 2001 From: "github-actions[bot]" Date: Mon, 16 Oct 2023 20:09:00 +0000 Subject: [PATCH] Upgrade JSON to 20231013 to fix CVE-2023-5072 (#912) Signed-off-by: Derek Ho (cherry picked from commit b68990fed59814832800affed06e5aa4439f0918) Signed-off-by: github-actions[bot] --- build.gradle | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/build.gradle b/build.gradle index 1e5efce8..56ea79b0 100644 --- a/build.gradle +++ b/build.gradle @@ -175,7 +175,7 @@ dependencies { implementation "org.jetbrains.kotlinx:kotlinx-coroutines-core:1.3.9" implementation "${group}:common-utils:${common_utils_version}" compileOnly "${group}:opensearch-job-scheduler-spi:${job_scheduler_version}" - implementation "org.json:json:20230227" + implementation "org.json:json:20231013" implementation group: 'com.github.wnameless.json', name: 'json-flattener', version: '0.15.1' // json-base, jackson-databind, jackson-annotations are transitive dependencies by json-flattener implementation group: 'com.github.wnameless.json', name: 'json-base', version: '2.2.1'