From fe5498843ba805c90498dad80c119f298ad1aba3 Mon Sep 17 00:00:00 2001 From: gabilang Date: Fri, 9 Feb 2024 18:27:40 +0530 Subject: [PATCH 1/3] Update vulnerable rabbitmq java client versions --- distribution/zip/jballerina-tools/LICENSE | 2 +- distribution/zip/jballerina/LICENSE | 2 +- gradle/javaLibsProject.gradle | 2 +- stdlib/messaging/rabbitmq/build.gradle | 4 ++-- stdlib/messaging/rabbitmq/src/main/ballerina/Ballerina.toml | 4 ++-- 5 files changed, 7 insertions(+), 7 deletions(-) diff --git a/distribution/zip/jballerina-tools/LICENSE b/distribution/zip/jballerina-tools/LICENSE index c45eb3dec304..df3683e9c4da 100644 --- a/distribution/zip/jballerina-tools/LICENSE +++ b/distribution/zip/jballerina-tools/LICENSE @@ -74,7 +74,7 @@ future-1.1.0.jar netty-buffer-4.1.39.Final.jar bundle apache2 lang.map.jar jar apache2 ballerina-xmlutils-1.1.0.jar jar apache2 -amqp-client-5.7.3.jar bundle apache2 + mpl11 +amqp-client-5.20.0.jar bundle apache2 + mpl11 ballerina-client-generator-1.1.0.jar jar apache2 jnats-2.6.0.jar bundle apache2 jackson-core-2.15.2.jar bundle apache2 diff --git a/distribution/zip/jballerina/LICENSE b/distribution/zip/jballerina/LICENSE index 90ed2e4446ba..79a8a0ea7dc4 100644 --- a/distribution/zip/jballerina/LICENSE +++ b/distribution/zip/jballerina/LICENSE @@ -74,7 +74,7 @@ future-1.1.0.jar netty-buffer-4.1.39.Final.jar bundle apache2 lang.map.jar jar apache2 ballerina-xmlutils-1.1.0.jar jar apache2 -amqp-client-5.7.3.jar bundle apache2 + mpl11 +amqp-client-5.20.0.jar bundle apache2 + mpl11 ballerina-client-generator-1.1.0.jar jar apache2 jnats-2.6.0.jar bundle apache2 jackson-core-2.15.2.jar bundle apache2 diff --git a/gradle/javaLibsProject.gradle b/gradle/javaLibsProject.gradle index 97eaaf23caae..f9f483494f34 100644 --- a/gradle/javaLibsProject.gradle +++ b/gradle/javaLibsProject.gradle @@ -82,7 +82,7 @@ dependencies { dist 'com.sun.mail:javax.mail:1.6.2' dist 'org.yaml:snakeyaml:2.0' dist 'org.wso2.staxon:staxon-core:1.2.0.wso2v2' - dist 'com.rabbitmq:amqp-client:5.7.3' + dist 'com.rabbitmq:amqp-client:5.20.0' dist 'com.jcraft:jzlib:1.1.3' dist 'io.nats:java-nats-streaming:2.2.1' dist 'io.nats:jnats:2.6.0' diff --git a/stdlib/messaging/rabbitmq/build.gradle b/stdlib/messaging/rabbitmq/build.gradle index 79021fb86df7..872673698400 100644 --- a/stdlib/messaging/rabbitmq/build.gradle +++ b/stdlib/messaging/rabbitmq/build.gradle @@ -42,7 +42,7 @@ dependencies { interopImports project(':ballerina-time') - implementation 'com.rabbitmq:amqp-client:5.7.3' + implementation 'com.rabbitmq:amqp-client:5.20.0' baloImplementation project(path: ':ballerina-runtime-api', configuration: 'baloImplementation') baloImplementation project(path: ':ballerina-java', configuration: 'baloImplementation') @@ -56,7 +56,7 @@ dependencies { testCompile project(path: ':ballerina-test-utils', configuration: 'shadow') interopImports project(':ballerina-crypto') - interopImports 'com.rabbitmq:amqp-client:5.7.3' + interopImports 'com.rabbitmq:amqp-client:5.20.0' } configurations { diff --git a/stdlib/messaging/rabbitmq/src/main/ballerina/Ballerina.toml b/stdlib/messaging/rabbitmq/src/main/ballerina/Ballerina.toml index d52770fe3182..b7b3de38d664 100644 --- a/stdlib/messaging/rabbitmq/src/main/ballerina/Ballerina.toml +++ b/stdlib/messaging/rabbitmq/src/main/ballerina/Ballerina.toml @@ -14,7 +14,7 @@ target = "java8" [[platform.libraries]] artifactId = "amqp-client" - version = "5.7.3" - path = "./lib/amqp-client-5.7.3.jar" + version = "5.20.0" + path = "./lib/amqp-client-5.20.0.jar" groupId = "com.rabbitmq" modules = ["rabbitmq"] From a0d7a6333818600b2cea8225dab5e10008edd7fd Mon Sep 17 00:00:00 2001 From: Hinduja Balasubramaniyam <28644893+HindujaB@users.noreply.github.com> Date: Sat, 10 Feb 2024 04:59:34 +0530 Subject: [PATCH 2/3] Update distribution/zip/jballerina/LICENSE --- distribution/zip/jballerina/LICENSE | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/distribution/zip/jballerina/LICENSE b/distribution/zip/jballerina/LICENSE index 79a8a0ea7dc4..a5392266a56b 100644 --- a/distribution/zip/jballerina/LICENSE +++ b/distribution/zip/jballerina/LICENSE @@ -74,7 +74,7 @@ future-1.1.0.jar netty-buffer-4.1.39.Final.jar bundle apache2 lang.map.jar jar apache2 ballerina-xmlutils-1.1.0.jar jar apache2 -amqp-client-5.20.0.jar bundle apache2 + mpl11 +amqp-client-5.20.0.jar bundle apache2 + mpl11 ballerina-client-generator-1.1.0.jar jar apache2 jnats-2.6.0.jar bundle apache2 jackson-core-2.15.2.jar bundle apache2 From 31eff153bab98c47c1d23ce327cedb7132312845 Mon Sep 17 00:00:00 2001 From: Hinduja Balasubramaniyam <28644893+HindujaB@users.noreply.github.com> Date: Sat, 10 Feb 2024 04:59:39 +0530 Subject: [PATCH 3/3] Update distribution/zip/jballerina-tools/LICENSE --- distribution/zip/jballerina-tools/LICENSE | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/distribution/zip/jballerina-tools/LICENSE b/distribution/zip/jballerina-tools/LICENSE index df3683e9c4da..e795bd26aa3d 100644 --- a/distribution/zip/jballerina-tools/LICENSE +++ b/distribution/zip/jballerina-tools/LICENSE @@ -74,7 +74,7 @@ future-1.1.0.jar netty-buffer-4.1.39.Final.jar bundle apache2 lang.map.jar jar apache2 ballerina-xmlutils-1.1.0.jar jar apache2 -amqp-client-5.20.0.jar bundle apache2 + mpl11 +amqp-client-5.20.0.jar bundle apache2 + mpl11 ballerina-client-generator-1.1.0.jar jar apache2 jnats-2.6.0.jar bundle apache2 jackson-core-2.15.2.jar bundle apache2