This is an automated email from the ASF dual-hosted git repository.
manikumar pushed a commit to branch 3.6
in repository https://gitbox.apache.org/repos/asf/kafka.git
commit 361def54328d0ea26036a19784607f17b13fd14b
Author: Johnny Hsu <44309740+johnnych...@users.noreply.github.com>
AuthorDate: Wed Mar 6 19:39:34 2024 +0800
KAFKA-16322 upgrade jline from 3.22.0 to 3.25.1 (#15464)
An issue in the component "GroovyEngine.execute" of jline-groovy versions
through 3.24.1 allows attackers to cause an OOM (OutofMemory) error. Please
refer to https://devhub.checkmarx.com/cve-details/CVE-2023-50572 for more
details
Reviewers: Chia-Ping Tsai <chia7...@gmail.com>
---
LICENSE-binary | 2 +-
gradle/dependencies.gradle | 2 +-
2 files changed, 2 insertions(+), 2 deletions(-)
diff --git a/LICENSE-binary b/LICENSE-binary
index 6b49cfdad3e..96c175bc106 100644
--- a/LICENSE-binary
+++ b/LICENSE-binary
@@ -331,7 +331,7 @@ zstd-jni-1.5.5-1 see: licenses/zstd-jni-BSD-2-clause
---------------------------------------
BSD 3-Clause
-jline-3.22.0, see: licenses/jline-BSD-3-clause
+jline-3.25.1, see: licenses/jline-BSD-3-clause
jsr305-3.0.2, see: licenses/jsr305-BSD-3-clause
paranamer-2.8, see: licenses/paranamer-BSD-3-clause
diff --git a/gradle/dependencies.gradle b/gradle/dependencies.gradle
index 0479e3f86ee..6f738c3802a 100644
--- a/gradle/dependencies.gradle
+++ b/gradle/dependencies.gradle
@@ -92,7 +92,7 @@ versions += [
javassist: "3.29.2-GA",
jetty: "9.4.53.v20231009",
jersey: "2.39.1",
- jline: "3.22.0",
+ jline: "3.25.1",
jmh: "1.36",
hamcrest: "2.2",
scalaLogging: "3.9.4",
