From a7a7bec30d7a02841d9ce9d546e974a4d31578f1 Mon Sep 17 00:00:00 2001 From: mrdubr Date: Fri, 26 Apr 2024 15:28:04 -0400 Subject: [PATCH] RUN-2312 : bump up aws-java-sdk-s3 version to loose ion-java dep Bump up the version of the aws-java-sdk-s3 library to the one that does not reference the ion-java:1.0.2 depenency with the CVE-2024-21634 vulnerability --- build.gradle | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/build.gradle b/build.gradle index d99ea0f..1434f8a 100644 --- a/build.gradle +++ b/build.gradle @@ -55,7 +55,7 @@ configurations { dependencies { implementation group: 'org.rundeck', name: 'rundeck-core', version: '4.13.0-20230515' implementation "org.slf4j:slf4j-api:1.7.30" - pluginLibs ('com.amazonaws:aws-java-sdk-s3:1.12.479') { + pluginLibs ('com.amazonaws:aws-java-sdk-s3:1.12.708') { exclude group: "com.fasterxml.jackson.core" exclude group: "com.fasterxml.jackson.dataformat" }