Skip to content

Commit

Permalink
Update protobuf-java to address CVE-2024-7254
Browse files Browse the repository at this point in the history
Signed-off-by: Mark S. Lewis <[email protected]>
  • Loading branch information
bestbeforetoday authored and ejona86 committed Sep 24, 2024
1 parent 99be6e9 commit 2ff837a
Show file tree
Hide file tree
Showing 25 changed files with 28 additions and 28 deletions.
2 changes: 1 addition & 1 deletion examples/build.gradle
Original file line number Diff line number Diff line change
Expand Up @@ -24,7 +24,7 @@ java {
// Feel free to delete the comment at the next line. It is just for safely
// updating the version in our release process.
def grpcVersion = '1.68.0-SNAPSHOT' // CURRENT_GRPC_VERSION
def protobufVersion = '3.25.3'
def protobufVersion = '3.25.5'
def protocVersion = protobufVersion

dependencies {
Expand Down
2 changes: 1 addition & 1 deletion examples/example-alts/build.gradle
Original file line number Diff line number Diff line change
Expand Up @@ -25,7 +25,7 @@ java {
// Feel free to delete the comment at the next line. It is just for safely
// updating the version in our release process.
def grpcVersion = '1.68.0-SNAPSHOT' // CURRENT_GRPC_VERSION
def protocVersion = '3.25.3'
def protocVersion = '3.25.5'

dependencies {
// grpc-alts transitively depends on grpc-netty-shaded, grpc-protobuf, and grpc-stub
Expand Down
2 changes: 1 addition & 1 deletion examples/example-debug/build.gradle
Original file line number Diff line number Diff line change
Expand Up @@ -26,7 +26,7 @@ java {
// Feel free to delete the comment at the next line. It is just for safely
// updating the version in our release process.
def grpcVersion = '1.68.0-SNAPSHOT' // CURRENT_GRPC_VERSION
def protobufVersion = '3.25.3'
def protobufVersion = '3.25.5'

dependencies {
implementation "io.grpc:grpc-protobuf:${grpcVersion}"
Expand Down
2 changes: 1 addition & 1 deletion examples/example-debug/pom.xml
Original file line number Diff line number Diff line change
Expand Up @@ -13,7 +13,7 @@
<properties>
<project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
<grpc.version>1.68.0-SNAPSHOT</grpc.version><!-- CURRENT_GRPC_VERSION -->
<protoc.version>3.25.3</protoc.version>
<protoc.version>3.25.5</protoc.version>
<!-- required for jdk9 -->
<maven.compiler.source>1.8</maven.compiler.source>
<maven.compiler.target>1.8</maven.compiler.target>
Expand Down
2 changes: 1 addition & 1 deletion examples/example-dualstack/build.gradle
Original file line number Diff line number Diff line change
Expand Up @@ -26,7 +26,7 @@ java {
// Feel free to delete the comment at the next line. It is just for safely
// updating the version in our release process.
def grpcVersion = '1.68.0-SNAPSHOT' // CURRENT_GRPC_VERSION
def protobufVersion = '3.25.3'
def protobufVersion = '3.25.5'

dependencies {
implementation "io.grpc:grpc-protobuf:${grpcVersion}"
Expand Down
2 changes: 1 addition & 1 deletion examples/example-dualstack/pom.xml
Original file line number Diff line number Diff line change
Expand Up @@ -13,7 +13,7 @@
<properties>
<project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
<grpc.version>1.68.0-SNAPSHOT</grpc.version><!-- CURRENT_GRPC_VERSION -->
<protoc.version>3.25.3</protoc.version>
<protoc.version>3.25.5</protoc.version>
<!-- required for jdk9 -->
<maven.compiler.source>1.8</maven.compiler.source>
<maven.compiler.target>1.8</maven.compiler.target>
Expand Down
2 changes: 1 addition & 1 deletion examples/example-gauth/build.gradle
Original file line number Diff line number Diff line change
Expand Up @@ -25,7 +25,7 @@ java {
// Feel free to delete the comment at the next line. It is just for safely
// updating the version in our release process.
def grpcVersion = '1.68.0-SNAPSHOT' // CURRENT_GRPC_VERSION
def protobufVersion = '3.25.3'
def protobufVersion = '3.25.5'
def protocVersion = protobufVersion


Expand Down
2 changes: 1 addition & 1 deletion examples/example-gauth/pom.xml
Original file line number Diff line number Diff line change
Expand Up @@ -13,7 +13,7 @@
<properties>
<project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
<grpc.version>1.68.0-SNAPSHOT</grpc.version><!-- CURRENT_GRPC_VERSION -->
<protobuf.version>3.25.3</protobuf.version>
<protobuf.version>3.25.5</protobuf.version>
<!-- required for jdk9 -->
<maven.compiler.source>1.8</maven.compiler.source>
<maven.compiler.target>1.8</maven.compiler.target>
Expand Down
2 changes: 1 addition & 1 deletion examples/example-gcp-csm-observability/build.gradle
Original file line number Diff line number Diff line change
Expand Up @@ -26,7 +26,7 @@ java {
// Feel free to delete the comment at the next line. It is just for safely
// updating the version in our release process.
def grpcVersion = '1.68.0-SNAPSHOT' // CURRENT_GRPC_VERSION
def protocVersion = '3.25.3'
def protocVersion = '3.25.5'
def openTelemetryVersion = '1.40.0'
def openTelemetryPrometheusVersion = '1.40.0-alpha'

Expand Down
2 changes: 1 addition & 1 deletion examples/example-gcp-observability/build.gradle
Original file line number Diff line number Diff line change
Expand Up @@ -26,7 +26,7 @@ java {
// Feel free to delete the comment at the next line. It is just for safely
// updating the version in our release process.
def grpcVersion = '1.68.0-SNAPSHOT' // CURRENT_GRPC_VERSION
def protocVersion = '3.25.3'
def protocVersion = '3.25.5'

dependencies {
implementation "io.grpc:grpc-protobuf:${grpcVersion}"
Expand Down
2 changes: 1 addition & 1 deletion examples/example-hostname/build.gradle
Original file line number Diff line number Diff line change
Expand Up @@ -24,7 +24,7 @@ java {
// Feel free to delete the comment at the next line. It is just for safely
// updating the version in our release process.
def grpcVersion = '1.68.0-SNAPSHOT' // CURRENT_GRPC_VERSION
def protobufVersion = '3.25.3'
def protobufVersion = '3.25.5'

dependencies {
implementation "io.grpc:grpc-protobuf:${grpcVersion}"
Expand Down
2 changes: 1 addition & 1 deletion examples/example-hostname/pom.xml
Original file line number Diff line number Diff line change
Expand Up @@ -13,7 +13,7 @@
<properties>
<project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
<grpc.version>1.68.0-SNAPSHOT</grpc.version><!-- CURRENT_GRPC_VERSION -->
<protoc.version>3.25.3</protoc.version>
<protoc.version>3.25.5</protoc.version>
<!-- required for jdk9 -->
<maven.compiler.source>1.8</maven.compiler.source>
<maven.compiler.target>1.8</maven.compiler.target>
Expand Down
2 changes: 1 addition & 1 deletion examples/example-jwt-auth/build.gradle
Original file line number Diff line number Diff line change
Expand Up @@ -24,7 +24,7 @@ java {
// Feel free to delete the comment at the next line. It is just for safely
// updating the version in our release process.
def grpcVersion = '1.68.0-SNAPSHOT' // CURRENT_GRPC_VERSION
def protobufVersion = '3.25.3'
def protobufVersion = '3.25.5'
def protocVersion = protobufVersion

dependencies {
Expand Down
4 changes: 2 additions & 2 deletions examples/example-jwt-auth/pom.xml
Original file line number Diff line number Diff line change
Expand Up @@ -14,8 +14,8 @@
<properties>
<project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
<grpc.version>1.68.0-SNAPSHOT</grpc.version><!-- CURRENT_GRPC_VERSION -->
<protobuf.version>3.25.3</protobuf.version>
<protoc.version>3.25.3</protoc.version>
<protobuf.version>3.25.5</protobuf.version>
<protoc.version>3.25.5</protoc.version>
<!-- required for jdk9 -->
<maven.compiler.source>1.8</maven.compiler.source>
<maven.compiler.target>1.8</maven.compiler.target>
Expand Down
2 changes: 1 addition & 1 deletion examples/example-oauth/build.gradle
Original file line number Diff line number Diff line change
Expand Up @@ -24,7 +24,7 @@ java {
// Feel free to delete the comment at the next line. It is just for safely
// updating the version in our release process.
def grpcVersion = '1.68.0-SNAPSHOT' // CURRENT_GRPC_VERSION
def protobufVersion = '3.25.3'
def protobufVersion = '3.25.5'
def protocVersion = protobufVersion

dependencies {
Expand Down
4 changes: 2 additions & 2 deletions examples/example-oauth/pom.xml
Original file line number Diff line number Diff line change
Expand Up @@ -14,8 +14,8 @@
<properties>
<project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
<grpc.version>1.68.0-SNAPSHOT</grpc.version><!-- CURRENT_GRPC_VERSION -->
<protobuf.version>3.25.3</protobuf.version>
<protoc.version>3.25.3</protoc.version>
<protobuf.version>3.25.5</protobuf.version>
<protoc.version>3.25.5</protoc.version>
<!-- required for jdk9 -->
<maven.compiler.source>1.8</maven.compiler.source>
<maven.compiler.target>1.8</maven.compiler.target>
Expand Down
2 changes: 1 addition & 1 deletion examples/example-opentelemetry/build.gradle
Original file line number Diff line number Diff line change
Expand Up @@ -25,7 +25,7 @@ java {
// Feel free to delete the comment at the next line. It is just for safely
// updating the version in our release process.
def grpcVersion = '1.68.0-SNAPSHOT' // CURRENT_GRPC_VERSION
def protocVersion = '3.25.3'
def protocVersion = '3.25.5'
def openTelemetryVersion = '1.40.0'
def openTelemetryPrometheusVersion = '1.40.0-alpha'

Expand Down
2 changes: 1 addition & 1 deletion examples/example-orca/build.gradle
Original file line number Diff line number Diff line change
Expand Up @@ -19,7 +19,7 @@ java {
}

def grpcVersion = '1.68.0-SNAPSHOT' // CURRENT_GRPC_VERSION
def protocVersion = '3.25.3'
def protocVersion = '3.25.5'

dependencies {
implementation "io.grpc:grpc-protobuf:${grpcVersion}"
Expand Down
2 changes: 1 addition & 1 deletion examples/example-reflection/build.gradle
Original file line number Diff line number Diff line change
Expand Up @@ -19,7 +19,7 @@ java {
}

def grpcVersion = '1.68.0-SNAPSHOT' // CURRENT_GRPC_VERSION
def protocVersion = '3.25.3'
def protocVersion = '3.25.5'

dependencies {
implementation "io.grpc:grpc-protobuf:${grpcVersion}"
Expand Down
2 changes: 1 addition & 1 deletion examples/example-servlet/build.gradle
Original file line number Diff line number Diff line change
Expand Up @@ -17,7 +17,7 @@ java {
}

def grpcVersion = '1.68.0-SNAPSHOT' // CURRENT_GRPC_VERSION
def protocVersion = '3.25.3'
def protocVersion = '3.25.5'

dependencies {
implementation "io.grpc:grpc-protobuf:${grpcVersion}",
Expand Down
2 changes: 1 addition & 1 deletion examples/example-tls/build.gradle
Original file line number Diff line number Diff line change
Expand Up @@ -25,7 +25,7 @@ java {
// Feel free to delete the comment at the next line. It is just for safely
// updating the version in our release process.
def grpcVersion = '1.68.0-SNAPSHOT' // CURRENT_GRPC_VERSION
def protocVersion = '3.25.3'
def protocVersion = '3.25.5'

dependencies {
implementation "io.grpc:grpc-protobuf:${grpcVersion}"
Expand Down
2 changes: 1 addition & 1 deletion examples/example-tls/pom.xml
Original file line number Diff line number Diff line change
Expand Up @@ -13,7 +13,7 @@
<properties>
<project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
<grpc.version>1.68.0-SNAPSHOT</grpc.version><!-- CURRENT_GRPC_VERSION -->
<protoc.version>3.25.3</protoc.version>
<protoc.version>3.25.5</protoc.version>
<!-- required for jdk9 -->
<maven.compiler.source>1.8</maven.compiler.source>
<maven.compiler.target>1.8</maven.compiler.target>
Expand Down
2 changes: 1 addition & 1 deletion examples/example-xds/build.gradle
Original file line number Diff line number Diff line change
Expand Up @@ -24,7 +24,7 @@ java {
// Feel free to delete the comment at the next line. It is just for safely
// updating the version in our release process.
def grpcVersion = '1.68.0-SNAPSHOT' // CURRENT_GRPC_VERSION
def protocVersion = '3.25.3'
def protocVersion = '3.25.5'

dependencies {
implementation "io.grpc:grpc-protobuf:${grpcVersion}"
Expand Down
4 changes: 2 additions & 2 deletions examples/pom.xml
Original file line number Diff line number Diff line change
Expand Up @@ -13,8 +13,8 @@
<properties>
<project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
<grpc.version>1.68.0-SNAPSHOT</grpc.version><!-- CURRENT_GRPC_VERSION -->
<protobuf.version>3.25.3</protobuf.version>
<protoc.version>3.25.3</protoc.version>
<protobuf.version>3.25.5</protobuf.version>
<protoc.version>3.25.5</protoc.version>
<!-- required for JDK 8 -->
<maven.compiler.source>1.8</maven.compiler.source>
<maven.compiler.target>1.8</maven.compiler.target>
Expand Down
2 changes: 1 addition & 1 deletion gradle/libs.versions.toml
Original file line number Diff line number Diff line change
Expand Up @@ -6,7 +6,7 @@ nettytcnative = '2.0.65.Final'
opencensus = "0.31.1"
# Not upgrading to 4.x as it is not yet ABI compatible.
# https://github.com/protocolbuffers/protobuf/issues/17247
protobuf = "3.25.3"
protobuf = "3.25.5"

[libraries]
android-annotations = "com.google.android:annotations:4.1.1.4"
Expand Down

0 comments on commit 2ff837a

Please sign in to comment.