Skip to content

Commit 4ec4cef

Browse files
devinrsmithdevinrsmith
authored
Bump commons-compress (deephaven#5108)
Fixes CVE-2023-42503. Potentially relevant if trying to parse an untrusted tar file.
1 parent ec5e8f7 commit 4ec4cef

File tree

1 file changed

+1
-1
lines changed

1 file changed

+1
-1
lines changed

buildSrc/src/main/groovy/io.deephaven.java-classpath-conventions.gradle

+1-1
Original file line numberDiff line numberDiff line change
@@ -6,7 +6,7 @@ plugins {
66
// TODO(deephaven-core#1162): Adopt java-platform to manage versions
77
ext {
88
depAnnotations = 'org.jetbrains:annotations:24.0.0'
9-
depCommonsCompress = 'org.apache.commons:commons-compress:1.22'
9+
depCommonsCompress = 'org.apache.commons:commons-compress:1.25.0'
1010
depCommonsLang3 = 'org.apache.commons:commons-lang3:3.12.0'
1111
depCommonsIo = 'commons-io:commons-io:2.11.0'
1212
depJdom2 = 'org.jdom:jdom2:2.0.6.1'

0 commit comments

Comments
 (0)