sseide opened a new pull request #698: URL: https://github.com/apache/jmeter/pull/698
## Description This PR updates two dependencies to fix multiple security warnings in this libraries or dependents of these. ## Motivation and Context This fixes the following warnings: * xstream CVE-2021-43859 (Denial of service) * junrar (dep of tika-parsers) - Denial of Service - https://security.snyk.io/vuln/SNYK-JAVA-COMGITHUBJUNRAR-2388979 * xercesImpl CVE-2022-23437 (dep of tika-parsers too) - Denial of Service I added the gpg key from Aurelien Pupier for xerces too as he did the release of this new version (see https://issues.apache.org/jira/browse/XERCESJ-1735#comment-17482989) ## How Has This Been Tested? <!--- Please describe in detail how you tested your changes. --> <!--- Include details of your testing environment, tests ran to see how --> <!--- your change affects other areas of the code, etc. --> run `gradlew check` and used locally ## Screenshots (if appropriate): ## Types of changes <!--- What types of changes does your code introduce? Delete as appropriate --> - Bug fix (non-breaking change which fixes an issue) ## Checklist: <!--- Go over all the following points, and put an `x` in all the boxes that apply. --> <!--- If you're unsure about any of these, don't hesitate to ask. We're here to help! --> - [x] My code follows the [code style][style-guide] of this project. - [x] I have updated the documentation accordingly. [style-guide]: https://wiki.apache.org/jmeter/CodeStyleGuidelines -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected]
