This is an automated email from the ASF dual-hosted git repository. jleroux pushed a commit to branch release18.12 in repository https://gitbox.apache.org/repos/asf/ofbiz-framework.git
The following commit(s) were added to refs/heads/release18.12 by this push: new 854b3225be Fixed: Upgrade Apache Shiro to 1.13.0 to fix CVE-2023-46750 (OFBIZ-12866) 854b3225be is described below commit 854b3225befa62f6cce694dbaab4dd3953fa9906 Author: Jacques Le Roux <jacques.le.r...@les7arts.com> AuthorDate: Mon Nov 13 19:04:56 2023 +0100 Fixed: Upgrade Apache Shiro to 1.13.0 to fix CVE-2023-46750 (OFBIZ-12866) See https://lists.apache.org/thread/ff0rq7rykh6zxb7l4dronowpoxrcqkr8 for details --- build.gradle | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/build.gradle b/build.gradle index c7afc0392b..3ac4f9a40e 100644 --- a/build.gradle +++ b/build.gradle @@ -209,7 +209,7 @@ dependencies { compile 'org.apache.logging.log4j:log4j-web:2.17.2' //??? compile 'org.apache.poi:poi:3.17' compile 'org.apache.pdfbox:pdfbox:2.0.24' - compile 'org.apache.shiro:shiro-core:1.4.0' + compile 'org.apache.shiro:shiro-core:1.13.0' compile 'org.apache.sshd:sshd-core:1.7.0' compile 'org.apache.tika:tika-core:1.28.4' compile 'org.apache.tika:tika-parsers:1.28.4'