From 88a21af450546e7c3f38afd8d99cf59a6467509f Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Mon, 23 Sep 2024 03:50:35 +0000
Subject: [PATCH] fix(deps): Bump dnsjava:dnsjava from 3.6.1 to 3.6.2 (#237)
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Bumps [dnsjava:dnsjava](https://github.com/dnsjava/dnsjava) from 3.6.1 to 3.6.2.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a href="https://github.com/dnsjava/dnsjava/releases">dnsjava:dnsjava's releases</a>.</em></p>
<blockquote>
<h2>v3.6.2</h2>
<ul>
<li>Add new IANA Trust Anchor (<a href="https://github.com/technolord"><code>@​technolord</code></a>, <a href="https://redirect.github.com/dnsjava/dnsjava/issues/337">#337</a>)</li>
<li>Fix Zone handling with signed SOA (<a href="https://github.com/frankarinnet"><code>@​frankarinnet</code></a>, <a href="https://redirect.github.com/dnsjava/dnsjava/issues/335">#335</a>)</li>
</ul>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a href="https://github.com/dnsjava/dnsjava/blob/master/Changelog">dnsjava:dnsjava's changelog</a>.</em></p>
<blockquote>
<p>09/21/2024</p>
<ul>
<li>3.6.2 released</li>
<li>Add new IANA Trust Anchor (<a href="https://github.com/technolord"><code>@​technolord</code></a>, <a href="https://redirect.github.com/dnsjava/dnsjava/issues/337">#337</a>)</li>
<li>Fix Zone handling with signed SOA (<a href="https://github.com/frankarinnet"><code>@​frankarinnet</code></a>, <a href="https://redirect.github.com/dnsjava/dnsjava/issues/335">#335</a>)</li>
</ul>
<p>07/28/2024</p>
<ul>
<li>3.6.1 released</li>
<li>Properly fix LookupSession doesn't cache CNAMEs (<a href="https://redirect.github.com/dnsjava/dnsjava/issues/316">#316</a>)</li>
<li>Move JEP-418 SPI to Java 18 to support EOL workflows (<a href="https://redirect.github.com/dnsjava/dnsjava/issues/329">#329</a>)</li>
</ul>
<p>07/21/2024</p>
<ul>
<li>3.6.0 released</li>
<li>Fix CVE-2024-25638 (GHSA-cfxw-4h78-h7fw)
Lookup and LookupSession do not sanitize input properly,
allowing to smuggle additional responses, even with DNSSEC.
I would like to thank Thomas Bellebaum from Fraunhofer AISEC
(<a href="https://github.com/bellebaum"><code>@​bellebaum</code></a>) and Martin Schanzenbach (<a href="https://github.com/schanzen"><code>@​schanzen</code></a>) for reporting
and assisting me with this issue.</li>
<li>Fix CVE-2023-50387 (GHSA-crjg-w57m-rqqf)
Denial-of-Service Algorithmic Complexity Attacks (KeyTrap)</li>
<li>Fix CVE-2023-50868 (GHSA-mmwx-rj87-vfgr)
NSEC3 closest encloser proof can exhaust CPU resources (KeyTrap)</li>
<li>Fix running all DNSSEC on the specified executor</li>
<li>Add new DNSSEC algorithm constants for SM2SM3 and ECC-GOST12</li>
<li>Add A/AAAA record constructor with IP address byte array</li>
<li>Validate DS record digest lengths (<a href="https://redirect.github.com/dnsjava/dnsjava/issues/250">#250</a>)</li>
<li>Fix NPE in SimpleResolver on invalid responses (<a href="https://redirect.github.com/dnsjava/dnsjava/issues/277">#277</a>)</li>
<li>Add support for JEP 418: Internet-Address Resolution SPI (<a href="https://redirect.github.com/dnsjava/dnsjava/issues/290">#290</a>)</li>
<li>Full JPMS support (<a href="https://redirect.github.com/dnsjava/dnsjava/issues/246">#246</a>)</li>
<li>Pluggable I/O for SimpleResolver
(<a href="https://github.com/chrisruffalo"><code>@​chrisruffalo</code></a>, <a href="https://redirect.github.com/dnsjava/dnsjava/issues/253">#253</a>)</li>
<li>UDP port leak in SimpleResolver (<a href="https://redirect.github.com/dnsjava/dnsjava/issues/318">#318</a>)</li>
<li>Fix clean shutdown in app containers when never used (<a href="https://redirect.github.com/dnsjava/dnsjava/issues/319">#319</a>)</li>
<li>Fix concurrency issue in I/O clients (<a href="https://redirect.github.com/dnsjava/dnsjava/issues/315">#315</a>, <a href="https://redirect.github.com/dnsjava/dnsjava/issues/323">#323</a>)</li>
<li>LookupSession doesn't cache CNAMEs (<a href="https://redirect.github.com/dnsjava/dnsjava/issues/316">#316</a>)</li>
<li>SimpleResolver can fail with UPDATE response (<a href="https://redirect.github.com/dnsjava/dnsjava/issues/322">#322</a>)</li>
<li>Replace synchronization in Zone with locks
(<a href="https://redirect.github.com/dnsjava/dnsjava/issues/305">#305</a>, based on work from <a href="https://github.com/srijeet0406"><code>@​srijeet0406</code></a> in <a href="https://redirect.github.com/dnsjava/dnsjava/issues/306">#306</a>)</li>
</ul>
<p>11/11/2023</p>
<ul>
<li>3.5.3 released</li>
<li>Fix CNAME in LookupSession (<a href="https://redirect.github.com/dnsjava/dnsjava/issues/279">#279</a>)</li>
<li>Fix Name constructor failing with max length, relative name
and root origin (<a href="https://redirect.github.com/dnsjava/dnsjava/issues/289">#289</a>, <a href="https://github.com/MMauro94"><code>@​MMauro94</code></a>)</li>
<li>Add config option for Resolver I/O timeout (<a href="https://redirect.github.com/dnsjava/dnsjava/issues/273">#273</a>, <a href="https://github.com/vmarian2"><code>@​vmarian2</code></a>)</li>
<li>Extend I/O logging</li>
<li>Prevent exception during TCP I/O with missing or truncated
length prefix</li>
<li>Use internal base64 codec for Android compatibility (<a href="https://redirect.github.com/dnsjava/dnsjava/issues/271">#271</a>)</li>
<li>Fix multi-message TSIG stream verification for pre-RFC8945</li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a href="https://github.com/dnsjava/dnsjava/commit/81148caa75e492f5f9fa4eba58c2292bf2239e05"><code>81148ca</code></a> Release v3.6.2</li>
<li><a href="https://github.com/dnsjava/dnsjava/commit/6c519f2053f3e3bf8345a0c2af09abcf213c7c2b"><code>6c519f2</code></a> Fix compiling on Java 8</li>
<li><a href="https://github.com/dnsjava/dnsjava/commit/2885bddf14b8f012d2c362bc00b0d4da4436b8d4"><code>2885bdd</code></a> Update example to include current and next IANA trust anchor</li>
<li><a href="https://github.com/dnsjava/dnsjava/commit/8f8f91ea78c7fe4f9cde1edfff5cbdcb93149c7e"><code>8f8f91e</code></a> Allow loading cache from InputStream</li>
<li><a href="https://github.com/dnsjava/dnsjava/commit/1984e363b95b537ef78805fbd881b006aeb92ac6"><code>1984e36</code></a> Additional test for <a href="https://redirect.github.com/dnsjava/dnsjava/issues/334">#334</a></li>
<li><a href="https://github.com/dnsjava/dnsjava/commit/6e1786e0545322ac75b5c4d947bb52ca95df7417"><code>6e1786e</code></a> 334, added test case demonstrating SOA replace.</li>
<li><a href="https://github.com/dnsjava/dnsjava/commit/fd054658ad6ece509bd56021c5ca7a57edd2febf"><code>fd05465</code></a> Zone now constructs successfully even when the input records include a SOA wi...</li>
<li><a href="https://github.com/dnsjava/dnsjava/commit/5af97d6735a3b4a4289ed0e58d62fe0624e4993e"><code>5af97d6</code></a> Added comment</li>
<li><a href="https://github.com/dnsjava/dnsjava/commit/7a2a599acf4f6631a1325ca8231213d8324683b2"><code>7a2a599</code></a> Add new IANA Trust Anchor</li>
<li><a href="https://github.com/dnsjava/dnsjava/commit/dcffe8c4659f8351c48e2d7c8db4507a404bb379"><code>dcffe8c</code></a> Return to -snapshot</li>
<li>See full diff in <a href="https://github.com/dnsjava/dnsjava/compare/v3.6.1...v3.6.2">compare view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=dnsjava:dnsjava&package-manager=gradle&previous-version=3.6.1&new-version=3.6.2)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)


</details>
---
 build.gradle | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/build.gradle b/build.gradle
index 5f800cf..2bcd99f 100644
--- a/build.gradle
+++ b/build.gradle
@@ -48,7 +48,7 @@ dependencies {
 
   implementation("io.ktor:ktor-client-okhttp:$ktorVersion")
   implementation("com.squareup.okhttp3:okhttp:$okhttpVersion")
-  implementation("dnsjava:dnsjava:3.6.1")
+  implementation("dnsjava:dnsjava:3.6.2")
 
   testImplementation("org.jetbrains.kotlin:kotlin-test")
   testImplementation("org.junit.jupiter:junit-jupiter:$junit5Version")