Skip to content

Commit 68ba278

Browse files
author
Bogdan Mocanu
committed
Update jackson-databind and woodstox-core libraries, based on the Sonatype Lift vulnerability report. Bump the client version to 1.5.1
1 parent 3a03185 commit 68ba278

5 files changed

Lines changed: 43 additions & 13 deletions

File tree

mid-java-client-core/pom.xml

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -6,11 +6,11 @@
66
<parent>
77
<groupId>ch.mobileid.mid-java-client</groupId>
88
<artifactId>mid-java-client-parent</artifactId>
9-
<version>1.6.0</version>
9+
<version>1.5.1</version>
1010
</parent>
1111

1212
<artifactId>mid-java-client-core</artifactId>
13-
<version>1.6.0</version>
13+
<version>1.5.1</version>
1414
<name>mid-java-client-core</name>
1515
<description>MobileID Java Client - Core Functionality</description>
1616
<packaging>jar</packaging>

mid-java-client-rest/pom.xml

Lines changed: 7 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -6,11 +6,11 @@
66
<parent>
77
<groupId>ch.mobileid.mid-java-client</groupId>
88
<artifactId>mid-java-client-parent</artifactId>
9-
<version>1.6.0</version>
9+
<version>1.5.1</version>
1010
</parent>
1111

1212
<artifactId>mid-java-client-rest</artifactId>
13-
<version>1.6.0</version>
13+
<version>1.5.1</version>
1414
<name>mid-java-client-rest</name>
1515
<description>MobileID Java Client - REST Implementation</description>
1616
<packaging>jar</packaging>
@@ -31,6 +31,10 @@
3131
<groupId>com.fasterxml.jackson.core</groupId>
3232
<artifactId>jackson-core</artifactId>
3333
</dependency>
34+
<dependency>
35+
<groupId>com.fasterxml.jackson.core</groupId>
36+
<artifactId>jackson-annotations</artifactId>
37+
</dependency>
3438
<dependency>
3539
<groupId>org.apache.httpcomponents.client5</groupId>
3640
<artifactId>httpclient5</artifactId>
@@ -66,4 +70,4 @@
6670
</dependency>
6771
</dependencies>
6872

69-
</project>
73+
</project>

mid-java-client-soap/pom.xml

Lines changed: 12 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -6,11 +6,11 @@
66
<parent>
77
<groupId>ch.mobileid.mid-java-client</groupId>
88
<artifactId>mid-java-client-parent</artifactId>
9-
<version>1.6.0</version>
9+
<version>1.5.1</version>
1010
</parent>
1111

1212
<artifactId>mid-java-client-soap</artifactId>
13-
<version>1.6.0</version>
13+
<version>1.5.1</version>
1414
<name>mid-java-client-soap</name>
1515
<description>MobileID Java Client - SOAP Implementation</description>
1616
<packaging>jar</packaging>
@@ -27,6 +27,10 @@
2727
<groupId>com.sun.xml.ws</groupId>
2828
<artifactId>jaxws-rt</artifactId>
2929
</dependency>
30+
<dependency>
31+
<groupId>com.fasterxml.woodstox</groupId>
32+
<artifactId>woodstox-core</artifactId>
33+
</dependency>
3034
<dependency>
3135
<groupId>org.apache.commons</groupId>
3236
<artifactId>commons-pool2</artifactId>
@@ -70,6 +74,11 @@
7074
<artifactId>jackson-core</artifactId>
7175
<scope>test</scope>
7276
</dependency>
77+
<dependency>
78+
<groupId>com.fasterxml.jackson.core</groupId>
79+
<artifactId>jackson-annotations</artifactId>
80+
<scope>test</scope>
81+
</dependency>
7382
</dependencies>
7483

7584
<build>
@@ -100,4 +109,4 @@
100109
</plugins>
101110
</build>
102111

103-
</project>
112+
</project>

mid-java-client-usage/pom.xml

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -6,11 +6,11 @@
66
<parent>
77
<groupId>ch.mobileid.mid-java-client</groupId>
88
<artifactId>mid-java-client-parent</artifactId>
9-
<version>1.6.0</version>
9+
<version>1.5.1</version>
1010
</parent>
1111

1212
<artifactId>mid-java-client-usage</artifactId>
13-
<version>1.6.0</version>
13+
<version>1.5.1</version>
1414
<name>mid-java-client-usage</name>
1515
<description>MobileID Java Client - Usage samples</description>
1616
<packaging>jar</packaging>

pom.xml

Lines changed: 20 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -6,7 +6,7 @@
66

77
<groupId>ch.mobileid.mid-java-client</groupId>
88
<artifactId>mid-java-client-parent</artifactId>
9-
<version>1.6.0</version>
9+
<version>1.5.1</version>
1010
<name>Mobile ID Java client</name>
1111
<description>Mobile ID client reference implementation in Java</description>
1212
<url>https://github.com/MobileID-Strong-Authentication/mobileid-client-java</url>
@@ -53,12 +53,17 @@
5353
<dependency>
5454
<groupId>com.fasterxml.jackson.core</groupId>
5555
<artifactId>jackson-databind</artifactId>
56-
<version>2.11.0</version>
56+
<version>2.13.3</version>
5757
</dependency>
5858
<dependency>
5959
<groupId>com.fasterxml.jackson.core</groupId>
6060
<artifactId>jackson-core</artifactId>
61-
<version>2.11.0</version>
61+
<version>2.13.3</version>
62+
</dependency>
63+
<dependency>
64+
<groupId>com.fasterxml.jackson.core</groupId>
65+
<artifactId>jackson-annotations</artifactId>
66+
<version>2.13.3</version>
6267
</dependency>
6368
<dependency>
6469
<groupId>org.apache.httpcomponents.client5</groupId>
@@ -79,6 +84,18 @@
7984
<groupId>com.sun.xml.ws</groupId>
8085
<artifactId>jaxws-rt</artifactId>
8186
<version>2.3.3</version>
87+
<exclusions>
88+
<exclusion>
89+
<groupId>com.fasterxml.woodstox</groupId>
90+
<artifactId>woodstox-core</artifactId>
91+
</exclusion>
92+
</exclusions>
93+
</dependency>
94+
<!-- because of the exclusion above, a new version of com.fasterxml.woodstox:woodstox-core needs to be included -->
95+
<dependency>
96+
<groupId>com.fasterxml.woodstox</groupId>
97+
<artifactId>woodstox-core</artifactId>
98+
<version>5.3.0</version>
8299
</dependency>
83100
<dependency>
84101
<groupId>org.bouncycastle</groupId>

0 commit comments

Comments
 (0)