fix CVE-2023-42503 due to djl models (opensearch-project#2011)

Signed-off-by: Xun Zhang <[email protected]>
austintlee · Mar 18, 2024 · b632f18 · b632f18
1 parent e7f9fd6
commit b632f18
Showing 1 changed file with 1 addition and 0 deletions.
diff --git a/build.gradle b/build.gradle
@@ -71,6 +71,7 @@ subprojects {
     configurations.all {
         // Force spotless depending on newer version of guava due to CVE-2023-2976. Remove after spotless upgrades.
         resolutionStrategy.force "com.google.guava:guava:32.1.2-jre"
+        resolutionStrategy.force 'org.apache.commons:commons-compress:1.25.0'
     }
 }