2.0.5: Fixed CVE-2023-43642

kaklakariada released this 27 Sep 14:58

· 7 commits to main since this release

Summary

This release fixes CVE-2023-43642 in org.xerial.snappy:snappy-java.

Security

#62: Fixed CVE-2023-43642 in org.xerial.snappy:snappy-java

Dependency Updates

Compile Dependency Updates

Updated org.scala-lang:scala-library:2.13.11 to 2.13.12
Updated org.xerial.snappy:snappy-java:1.1.10.1 to 1.1.10.5

Test Dependency Updates

Updated org.junit.jupiter:junit-jupiter:5.9.3 to 5.10.0
Updated org.mockito:mockito-core:5.4.0 to 5.5.0
Updated org.mockito:mockito-junit-jupiter:5.4.0 to 5.5.0
Updated org.scalatest:scalatest_2.13:3.2.15 to 3.3.0-SNAP4

Plugin Dependency Updates

Updated com.exasol:error-code-crawler-maven-plugin:1.2.3 to 1.3.0
Updated com.exasol:project-keeper-maven-plugin:2.9.7 to 2.9.12
Updated org.apache.maven.plugins:maven-enforcer-plugin:3.3.0 to 3.4.0
Updated org.apache.maven.plugins:maven-failsafe-plugin:3.0.0 to 3.1.2
Updated org.apache.maven.plugins:maven-gpg-plugin:3.0.1 to 3.1.0
Updated org.apache.maven.plugins:maven-surefire-plugin:3.0.0 to 3.1.2
Updated org.basepom.maven:duplicate-finder-maven-plugin:1.5.1 to 2.0.1
Updated org.codehaus.mojo:flatten-maven-plugin:1.4.1 to 1.5.0
Updated org.codehaus.mojo:versions-maven-plugin:2.15.0 to 2.16.0
Updated org.jacoco:jacoco-maven-plugin:0.8.9 to 0.8.10

Assets 8