[camel] branch camel-3.20.x updated: CAMEL-19695: camel-google-bigquery - Bump org.json to 20230618 (#10964)

Wed, 02 Aug 2023 07:58:40 -0700 

This is an automated email from the ASF dual-hosted git repository.

nfilotto pushed a commit to branch camel-3.20.x
in repository https://gitbox.apache.org/repos/asf/camel.git


The following commit(s) were added to refs/heads/camel-3.20.x by this push:
     new 09a0eb6ddc6 CAMEL-19695: camel-google-bigquery - Bump org.json to 
20230618 (#10964)
09a0eb6ddc6 is described below

commit 09a0eb6ddc63b76230ad6a4b42c36cf76be72a1a
Author: Nicolas Filotto <essob...@users.noreply.github.com>
AuthorDate: Wed Aug 2 16:57:23 2023 +0200

    CAMEL-19695: camel-google-bigquery - Bump org.json to 20230618 (#10964)
    
    ## Motivation
    
    The component `camel-google-bigquery` indirectly depends on 
`org.json:json:jar:20200518:compile` which has a know CVE 
https://nvd.nist.gov/vuln/detail/CVE-2022-45688 that can be fixed by upgrading 
it to `20230227` or higher.
    
    ## Modifications:
    
    * Add `org.json:json:20230618` to the dependencyManagement section
    * Replace `org.json:json:20200518` with `org.json:json:20230618` in 
`camel-google-bigquery`
---
 camel-dependencies/pom.xml                            | 1 +
 components/camel-google/camel-google-bigquery/pom.xml | 8 ++++++++
 parent/pom.xml                                        | 6 ++++++
 3 files changed, 15 insertions(+)

diff --git a/camel-dependencies/pom.xml b/camel-dependencies/pom.xml
index f530fee557c..a39c4ba02b0 100644
--- a/camel-dependencies/pom.xml
+++ b/camel-dependencies/pom.xml
@@ -348,6 +348,7 @@
     <jslt-version>0.1.11</jslt-version>
     <jsmpp-version>2.3.11</jsmpp-version>
     <json-api>1.0</json-api>
+    <json-org-version>20230618</json-org-version>
     <json-patch-version>1.13</json-patch-version>
     <json-path-version>2.8.0</json-path-version>
     <json-schema-validator-version>2.2.14</json-schema-validator-version>
diff --git a/components/camel-google/camel-google-bigquery/pom.xml 
b/components/camel-google/camel-google-bigquery/pom.xml
index f676dc48bb6..28584214028 100644
--- a/components/camel-google/camel-google-bigquery/pom.xml
+++ b/components/camel-google/camel-google-bigquery/pom.xml
@@ -76,8 +76,16 @@
                     <groupId>com.google.code.findbugs</groupId>
                     <artifactId>jsr305</artifactId>
                 </exclusion>
+                <exclusion>
+                    <groupId>org.json</groupId>
+                    <artifactId>json</artifactId>
+                </exclusion>
             </exclusions>
         </dependency>
+        <dependency>
+            <groupId>org.json</groupId>
+            <artifactId>json</artifactId>
+        </dependency>
 
         <dependency>
             <groupId>org.apache.camel</groupId>
diff --git a/parent/pom.xml b/parent/pom.xml
index 08e2c71ced1..5197a8380b3 100644
--- a/parent/pom.xml
+++ b/parent/pom.xml
@@ -333,6 +333,7 @@
         <jsmpp-version>2.3.11</jsmpp-version>
         <jsch-version>0.2.1</jsch-version>
         <json-api>1.0</json-api>
+        <json-org-version>20230618</json-org-version>
         <jsonassert-version>1.5.1</jsonassert-version>
         <json-path-version>2.8.0</json-path-version>
         <json-patch-version>1.13</json-patch-version>
@@ -3211,6 +3212,11 @@
                 <artifactId>jaxp-ri</artifactId>
                 <version>1.4.5</version>
             </dependency>
+            <dependency>
+                <groupId>org.json</groupId>
+                <artifactId>json</artifactId>
+                <version>${json-org-version}</version>
+            </dependency>
 
             <!-- logging -->
             <dependency>

Reply via email to