This is an automated email from the ASF dual-hosted git repository. manikumar pushed a commit to branch 3.6 in repository https://gitbox.apache.org/repos/asf/kafka.git
commit 361def54328d0ea26036a19784607f17b13fd14b Author: Johnny Hsu <44309740+johnnych...@users.noreply.github.com> AuthorDate: Wed Mar 6 19:39:34 2024 +0800 KAFKA-16322 upgrade jline from 3.22.0 to 3.25.1 (#15464) An issue in the component "GroovyEngine.execute" of jline-groovy versions through 3.24.1 allows attackers to cause an OOM (OutofMemory) error. Please refer to https://devhub.checkmarx.com/cve-details/CVE-2023-50572 for more details Reviewers: Chia-Ping Tsai <chia7...@gmail.com> --- LICENSE-binary | 2 +- gradle/dependencies.gradle | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/LICENSE-binary b/LICENSE-binary index 6b49cfdad3e..96c175bc106 100644 --- a/LICENSE-binary +++ b/LICENSE-binary @@ -331,7 +331,7 @@ zstd-jni-1.5.5-1 see: licenses/zstd-jni-BSD-2-clause --------------------------------------- BSD 3-Clause -jline-3.22.0, see: licenses/jline-BSD-3-clause +jline-3.25.1, see: licenses/jline-BSD-3-clause jsr305-3.0.2, see: licenses/jsr305-BSD-3-clause paranamer-2.8, see: licenses/paranamer-BSD-3-clause diff --git a/gradle/dependencies.gradle b/gradle/dependencies.gradle index 0479e3f86ee..6f738c3802a 100644 --- a/gradle/dependencies.gradle +++ b/gradle/dependencies.gradle @@ -92,7 +92,7 @@ versions += [ javassist: "3.29.2-GA", jetty: "9.4.53.v20231009", jersey: "2.39.1", - jline: "3.22.0", + jline: "3.25.1", jmh: "1.36", hamcrest: "2.2", scalaLogging: "3.9.4",