From ca33b6cf1b652ee8c8f1f171c85c18a978675be8 Mon Sep 17 00:00:00 2001 From: "github-actions[bot]" Date: Mon, 16 Oct 2023 19:43:07 +0000 Subject: [PATCH] Upgrade JSON to 20231013 to fix CVE-2023-5072 (#1750) Signed-off-by: Derek Ho (cherry picked from commit fe38a6c1f2bffed729fa24ade493a8e4e10c513a) Signed-off-by: github-actions[bot] --- build.gradle | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/build.gradle b/build.gradle index 950e8c1a6..2d3131c11 100644 --- a/build.gradle +++ b/build.gradle @@ -191,7 +191,7 @@ dependencies { implementation "org.jetbrains.kotlin:kotlin-stdlib-common:${kotlin_version}" implementation "org.jetbrains.kotlinx:kotlinx-coroutines-core:1.3.9" implementation "${group}:common-utils:${common_utils_version}" - implementation 'org.json:json:20230227' + implementation 'org.json:json:20231013' implementation group: 'com.github.wnameless.json', name: 'json-flattener', version: '0.15.1' // json-base, jackson-databind, jackson-annotations are only used by json-flattener. // see https://github.com/opensearch-project/OpenSearch/issues/5395.