Skip to content

Commit

Permalink
Merge pull request #2155 from ballerina-platform/update-protobuf-version
Browse files Browse the repository at this point in the history
Address `CVE-2024-7254` vulnerability
  • Loading branch information
TharmiganK authored Sep 24, 2024
2 parents 6004c86 + a5071eb commit 79f3f6b
Show file tree
Hide file tree
Showing 3 changed files with 7 additions and 3 deletions.
4 changes: 2 additions & 2 deletions ballerina/Ballerina.toml
Original file line number Diff line number Diff line change
Expand Up @@ -169,5 +169,5 @@ path = "./lib/lz4-1.3.0.jar"
[[platform.java17.dependency]]
groupId = "com.google.protobufl"
artifactId = "protobuf-java"
version = "3.20.3"
path = "./lib/protobuf-java-3.20.3.jar"
version = "3.25.5"
path = "./lib/protobuf-java-3.25.5.jar"
4 changes: 4 additions & 0 deletions changelog.md
Original file line number Diff line number Diff line change
Expand Up @@ -15,6 +15,10 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
- [Add header name mapping support in record fields](https://github.com/ballerina-platform/ballerina-library/issues/7018)
- [Introduce util functions to convert query and header record with the `http:Query` and the `http:Header` annotations](https://github.com/ballerina-platform/ballerina-library/issues/7019)

### Fixed

- [Address CVE-2024-7254 vulnerability](https://github.com/ballerina-platform/ballerina-library/issues/7013)

## [2.12.0] - 2024-08-20

### Added
Expand Down
2 changes: 1 addition & 1 deletion gradle.properties
Original file line number Diff line number Diff line change
Expand Up @@ -21,7 +21,7 @@ mockitoVersion=5.3.1
gsonVersion=2.7
lz4Version=1.3.0
marshallingVersion=2.0.5.Final
protobufVersion=3.20.3
protobufVersion=3.25.5
jacocoVersion=0.8.10
ballerinaToOpenApiVersion=2.1.0
swaggerCoreVersion=2.2.22
Expand Down

0 comments on commit 79f3f6b

Please sign in to comment.