Skip to content

Commit

Permalink
Updated h2 and CVE exemptions to 2.2.224 (#59)
Browse files Browse the repository at this point in the history 
* Updated h2 and CVE exemptions to 2.2.224

* Upgrade other H2 references to 2.2.224
  • Loading branch information
@DovOps
DovOps authored Nov 19, 2023
1 parent ab70064 commit dec114f
Show file tree
Hide file tree
Showing 6 changed files with 7 additions and 8 deletions.
4 changes: 2 additions & 2 deletions .github/gradle-cve-ignore-list.xml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -2,12 +2,12 @@
<suppressions xmlns="https://jeremylong.github.io/DependencyCheck/dependency-suppression.1.3.xsd">
<suppress>
<notes><![CDATA[Not using webAdminPassword startup parameter]]></notes>
<filePath regex="true">.*\bh2-2\.2\.220\.jar</filePath>
<filePath regex="true">.*\bh2-2\.2\.224\.jar</filePath>
<cve>CVE-2022-45868</cve>
</suppress>
<suppress>
<notes><![CDATA[Not running backups]]></notes>
<filePath regex="true">.*\bh2-2\.2\.220\.jar</filePath>
<filePath regex="true">.*\bh2-2\.2\.224\.jar</filePath>
<cve>CVE-2018-14335</cve>
</suppress>
<suppress>
Expand Down
2 changes: 1 addition & 1 deletion account-service/build.gradle
View file
Original file line number Diff line number Diff line change
Expand Up @@ -35,7 +35,7 @@ dependencies {
implementation('org.apache.tomcat.embed:tomcat-embed-el:10.1.16') {
because 'previous versions are affected by CVE-2023-41080 and others'
}
implementation 'com.h2database:h2:2.2.220'
implementation 'com.h2database:h2:2.2.224'
implementation 'org.springdoc:springdoc-openapi-ui:1.7.0'

testImplementation 'org.springframework.boot:spring-boot-starter-test'
Expand Down
3 changes: 1 addition & 2 deletions database/build.gradle
View file
Original file line number Diff line number Diff line change
Expand Up @@ -12,8 +12,7 @@ plugins {
}

dependencies {
implementation 'com.h2database:h2:2.2.220'
// implementation 'com.h2database:h2:2.2.220'
implementation 'com.h2database:h2:2.2.224'
}

application {
Expand Down
2 changes: 1 addition & 1 deletion position-service/build.gradle
View file
Original file line number Diff line number Diff line change
Expand Up @@ -35,7 +35,7 @@ dependencies {
implementation('org.apache.tomcat.embed:tomcat-embed-el:10.1.16') {
because 'previous versions are affected by CVE-2023-41080 and others'
}
implementation 'com.h2database:h2:2.2.220'
implementation 'com.h2database:h2:2.2.224'
implementation 'org.springdoc:springdoc-openapi-ui:1.7.0'

testImplementation 'org.springframework.boot:spring-boot-starter-test'
Expand Down
2 changes: 1 addition & 1 deletion trade-processor/build.gradle
View file
Original file line number Diff line number Diff line change
Expand Up @@ -38,7 +38,7 @@ dependencies {
implementation('org.json:json:20231013') {
because 'previous versions are affected by multiple CVE'
}
implementation 'com.h2database:h2:2.2.220'
implementation 'com.h2database:h2:2.2.224'
implementation 'org.springdoc:springdoc-openapi-ui:1.7.0'
implementation ('io.socket:socket.io-client:2.1.0'){
exclude group: 'org.json', module: 'json'
Expand Down
2 changes: 1 addition & 1 deletion trade-service/build.gradle
View file
Original file line number Diff line number Diff line change
Expand Up @@ -41,7 +41,7 @@ dependencies {
implementation ('io.socket:socket.io-client:2.1.0') {
exclude group: 'org.json', module: 'json'
}
implementation 'com.h2database:h2:2.2.220'
implementation 'com.h2database:h2:2.2.224'
implementation 'org.springdoc:springdoc-openapi-ui:1.7.0'
implementation 'io.swagger.core.v3:swagger-core:2.2.19'
implementation 'io.swagger.core.v3:swagger-annotations:2.2.19'
Expand Down

0 comments on commit dec114f

Please sign in to comment.