jmeter-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From GitBox <...@apache.org>
Subject [GitHub] [jmeter] sseide opened a new pull request #668: update json-smart to 2.4.7 (from 2.4.1), accessors-smart to 2.4.7 (from 1.3) and asm to 9.1 (from 9.0)
Date Mon, 07 Jun 2021 12:34:33 GMT

sseide opened a new pull request #668:
URL: https://github.com/apache/jmeter/pull/668


   ## Description
   
   This PR updates the used net.minidev:json-smart library to version 2.4.7 to fix a security
warning. The accessors-smart lib is updated too as it belongs to json-smart and is released
together.
   
   The asm 9.1 library is a dependency of accessors-smart as well as for the already updated
tika-parsers 1.26. Within the recent update of tika-parsers the asm update was missing.
   
   ## Motivation and Context
   
   fix a security warning for json-smart:
   * [CVE-2021-31684](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-31684)
   
   ## How Has This Been Tested?
   run `gradlew check` and use it for some days on our own setup.
   
   ## Screenshots (if appropriate):
   
   ## Types of changes
   - Bug fix (non-breaking change which fixes an issue)
   
   ## Checklist:
   - [x] My code follows the [code style][style-guide] of this project.
   - [x] I have updated the documentation accordingly.
   
   [style-guide]: https://wiki.apache.org/jmeter/CodeStyleGuidelines
   


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
users@infra.apache.org



Mime
View raw message