Skip to content
This repository has been archived by the owner on Apr 5, 2024. It is now read-only.

Commit

Permalink
Update vertx to 4.4.6 and suppress unrelated CVE (#537)
Browse files Browse the repository at this point in the history
  • Loading branch information
@jframe
jframe authored Dec 12, 2023
1 parent f625de5 commit e0322b8
Show file tree
Hide file tree
Showing 2 changed files with 8 additions and 1 deletion.
7 changes: 7 additions & 0 deletions gradle/owasp-suppression.xml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -51,4 +51,11 @@
<packageUrl regex="true">^pkg:maven/io\.grpc/grpc\-.*$</packageUrl>
<cve>CVE-2023-44487</cve>
</suppress>
<suppress until="2024-01-16">
<notes><![CDATA[
CVE relates to usage hostname verification when using TLS and doesn't apply as we use Tuweni for this
]]></notes>
<packageUrl regex="true">^pkg:maven/io\.vertx/vertx\-core@.*$</packageUrl>
<cve>CVE-2023-4586</cve>
</suppress>
</suppressions>
2 changes: 1 addition & 1 deletion gradle/versions.gradle
View file
Original file line number Diff line number Diff line change
Expand Up @@ -35,7 +35,7 @@ dependencyManagement {

dependency 'io.rest-assured:rest-assured:4.4.0'

dependencySet(group: 'io.vertx', version: '4.3.8') {
dependencySet(group: 'io.vertx', version: '4.4.6') {
entry 'vertx-codegen'
entry 'vertx-core'
entry 'vertx-unit'
Expand Down

0 comments on commit e0322b8

Please sign in to comment.