#138: Upgraded dependencies (#139)

exasol · Jul 3, 2023 · 49c3f82 · 49c3f82
1 parent 4e7254e
commit 49c3f82
Show file tree

Hide file tree

Showing 4 changed files with 38 additions and 9 deletions.
diff --git a/doc/changes/changelog.md b/doc/changes/changelog.md
diff --git a/doc/changes/changes_7.3.3.md b/doc/changes/changes_7.3.3.md
@@ -0,0 +1,28 @@
+# Virtual Schema for Document Data in Files 7.3.3, released 2023-07-03
+
+Code name: Upgraded dependencies on top of 7.3.2
+
+## Summary
+
+This release updates dependencies to fix the following vulnerabilities in `org.xerial.snappy:snappy-java`:
+* CVE-2023-34453, severity CWE-190: Integer Overflow or Wraparound (7.5)
+* CVE-2023-34454, severity CWE-190: Integer Overflow or Wraparound (7.5)
+* CVE-2023-34455, severity CWE-770: Allocation of Resources Without Limits or Throttling (7.5)
+
+## Security
+
+* #138: Upgraded dependencies
+
+## Dependency Updates
+
+### Compile Dependency Updates
+
+* Updated `com.exasol:parquet-io-java:2.0.3` to `2.0.4`
+* Updated `de.siegmar:fastcsv:2.2.1` to `2.2.2`
+* Updated `io.deephaven:deephaven-csv:0.10.0` to `0.11.0`
+* Updated `jakarta.json:jakarta.json-api:2.1.1` to `2.1.2`
+
+### Test Dependency Updates
+
+* Updated `nl.jqno.equalsverifier:equalsverifier:3.14.1` to `3.14.3`
+* Updated `org.mockito:mockito-junit-jupiter:5.3.1` to `5.4.0`
diff --git a/pk_generated_parent.pom b/pk_generated_parent.pom
diff --git a/pom.xml b/pom.xml
@@ -2,7 +2,7 @@
 <project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
  <modelVersion>4.0.0</modelVersion>
  <artifactId>virtual-schema-common-document-files</artifactId>
- <version>7.3.2</version>
+ <version>7.3.3</version>
  <name>Virtual Schema for document data in files</name>
  <description>Adapter for document data access from files.</description>
  <url>https://github.com/exasol/virtual-schema-common-document-files/</url>
@@ -28,7 +28,7 @@
  <dependency>
  <groupId>com.exasol</groupId>
  <artifactId>parquet-io-java</artifactId>
- <version>2.0.3</version>
+ <version>2.0.4</version>
  </dependency>
  <!-- Test dependencies -->
  <dependency>
@@ -51,19 +51,19 @@
  <dependency>
  <groupId>nl.jqno.equalsverifier</groupId>
  <artifactId>equalsverifier</artifactId>
- <version>3.14.1</version>
+ <version>3.14.3</version>
  <scope>test</scope>
  </dependency>
  <dependency>
  <groupId>org.mockito</groupId>
  <artifactId>mockito-junit-jupiter</artifactId>
- <version>5.3.1</version>
+ <version>5.4.0</version>
  <scope>test</scope>
  </dependency>
  <dependency>
  <groupId>jakarta.json</groupId>
  <artifactId>jakarta.json-api</artifactId>
- <version>2.1.1</version>
+ <version>2.1.2</version>
  </dependency>
  <dependency>
  <groupId>org.glassfish</groupId>
@@ -110,12 +110,12 @@
  <dependency>
  <groupId>de.siegmar</groupId>
  <artifactId>fastcsv</artifactId>
- <version>2.2.1</version>
+ <version>2.2.2</version>
  </dependency>
  <dependency>
  <groupId>io.deephaven</groupId>
  <artifactId>deephaven-csv</artifactId>
- <version>0.10.0</version>
+ <version>0.11.0</version>
  </dependency>
  </dependencies>
  <build>
@@ -172,7 +172,7 @@
  <parent>
  <artifactId>virtual-schema-common-document-files-generated-parent</artifactId>
  <groupId>com.exasol</groupId>
- <version>7.3.2</version>
+ <version>7.3.3</version>
  <relativePath>pk_generated_parent.pom</relativePath>
  </parent>
 </project>