This is an automated email from the ASF dual-hosted git repository.
davsclaus pushed a commit to branch camel-3.14.x
in repository https://gitbox.apache.org/repos/asf/camel.git
The following commit(s) were added to refs/heads/camel-3.14.x by this push:
new b95a27ce551 Upgrade to com.alibaba:fastjson:1.2.83, fix CVE-2022-25845
fastjson: autoType shutdown restriction bypass leads to deserialization (#7966)
b95a27ce551 is described below
commit b95a27ce5515f5f143c12b0f7981e44c6241aab0
Author: Peter Palaga <[email protected]>
AuthorDate: Fri Jul 1 13:49:24 2022 +0200
Upgrade to com.alibaba:fastjson:1.2.83, fix CVE-2022-25845 fastjson:
autoType shutdown restriction bypass leads to deserialization (#7966)
---
camel-dependencies/pom.xml | 2 +-
parent/pom.xml | 2 +-
2 files changed, 2 insertions(+), 2 deletions(-)
diff --git a/camel-dependencies/pom.xml b/camel-dependencies/pom.xml
index 39fa6cf26de..901a5d67303 100644
--- a/camel-dependencies/pom.xml
+++ b/camel-dependencies/pom.xml
@@ -193,7 +193,7 @@
<etcd4j-version>2.18.0</etcd4j-version>
<exec-maven-plugin-version>1.6.0</exec-maven-plugin-version>
<facebook4j-core-version>2.4.13</facebook4j-core-version>
- <fastjson-version>1.2.78</fastjson-version>
+ <fastjson-version>1.2.83</fastjson-version>
<findbugs-maven-plugin-version>3.0.5</findbugs-maven-plugin-version>
<flatpack-version>4.0.5</flatpack-version>
<flink-version>1.14.0</flink-version>
diff --git a/parent/pom.xml b/parent/pom.xml
index 7ee3ca841cc..addc8eaf25f 100644
--- a/parent/pom.xml
+++ b/parent/pom.xml
@@ -174,7 +174,7 @@
<etcd4j-version>2.18.0</etcd4j-version>
<exec-maven-plugin-version>1.6.0</exec-maven-plugin-version>
<facebook4j-core-version>2.4.13</facebook4j-core-version>
- <fastjson-version>1.2.78</fastjson-version>
+ <fastjson-version>1.2.83</fastjson-version>
<findbugs-maven-plugin-version>3.0.5</findbugs-maven-plugin-version>
<google-maps-services-version>0.10.1</google-maps-services-version>
<flatpack-version>4.0.5</flatpack-version>
