This is an automated email from the ASF dual-hosted git repository.
zhangliang pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/shardingsphere.git
The following commit(s) were added to refs/heads/master by this push:
new 2fe8c4cdd16 Fixes CVE-2024-7254 (#36153)
2fe8c4cdd16 is described below
commit 2fe8c4cdd16af43c91e6e7e7307c4eddc10b5a59
Author: Liang Zhang <[email protected]>
AuthorDate: Sun Aug 3 12:16:14 2025 +0800
Fixes CVE-2024-7254 (#36153)
* Fixes CVE-2024-7254
* Fixes CVE-2024-7254
---
RELEASE-NOTES.md | 1 +
pom.xml | 2 +-
2 files changed, 2 insertions(+), 1 deletion(-)
diff --git a/RELEASE-NOTES.md b/RELEASE-NOTES.md
index 9e6736aa341..becb66402ce 100644
--- a/RELEASE-NOTES.md
+++ b/RELEASE-NOTES.md
@@ -3,6 +3,7 @@
### CVE
1. Fixes CVE-2025-48924
[#36085](https://github.com/apache/shardingsphere/pull/36085)
+1. Fixes CVE-2024-7254
[#36153](https://github.com/apache/shardingsphere/pull/36153)
### Metadata Storage Changes
diff --git a/pom.xml b/pom.xml
index 321d64ac2f0..b2a7a92778c 100644
--- a/pom.xml
+++ b/pom.xml
@@ -112,7 +112,7 @@
<vertx.version>4.5.1</vertx.version>
<grpc.version>1.65.1</grpc.version>
- <protobuf.version>3.21.12</protobuf.version>
+ <protobuf.version>3.25.8</protobuf.version>
<okhttp.version>4.12.0</okhttp.version>
<elasticjob.version>3.0.4</elasticjob.version>
