From 6ff395d58d0cbc275aabd37feae5bc337bd47418 Mon Sep 17 00:00:00 2001
From: Alberto Hormazabal <ahormazabal@exatech.cl>
Date: Tue, 29 Oct 2024 17:30:30 -0300
Subject: [PATCH] Update AWS sdk version for CVE-2024-21634

---
 .github/workflows/gradle.yml | 4 ++--
 build.gradle                 | 7 +++----
 gradle.properties            | 1 +
 3 files changed, 6 insertions(+), 6 deletions(-)

diff --git a/.github/workflows/gradle.yml b/.github/workflows/gradle.yml
index 4effee4..a7ba272 100644
--- a/.github/workflows/gradle.yml
+++ b/.github/workflows/gradle.yml
@@ -26,9 +26,9 @@ jobs:
         id: get_version
         run: VERSION=$(./gradlew currentVersion -q -Prelease.quiet) && echo ::set-output name=VERSION::$VERSION
       - name: Upload azure plugin jar
-        uses: actions/upload-artifact@v1.0.0
+        uses: actions/upload-artifact@v4
         with:
           # Artifact name
           name: Grails-Plugin-${{ steps.get_version.outputs.VERSION }}
           # Directory containing files to upload
-          path: build/libs/rundeck-s3-log-plugin-${{ steps.get_version.outputs.VERSION }}.jar
\ No newline at end of file
+          path: build/libs/rundeck-s3-log-plugin-${{ steps.get_version.outputs.VERSION }}.jar
diff --git a/build.gradle b/build.gradle
index 7fbfbfd..a0e4f04 100644
--- a/build.gradle
+++ b/build.gradle
@@ -65,17 +65,16 @@ dependencies {
     // add any third-party jar dependencies you wish to include in the plugin
     // using the `pluginLibs` configuration as shown here:
 
-    implementation "com.amazonaws:aws-java-sdk-s3:1.12.470"
-    pluginLibs (group: 'com.amazonaws', name: 'aws-java-sdk-s3', version: '1.12.470') {
+    implementation "com.amazonaws:aws-java-sdk-s3:${awsSdkVersion}"
+    pluginLibs (group: 'com.amazonaws', name: 'aws-java-sdk-s3', version: "${awsSdkVersion}") {
             exclude group: "com.fasterxml.jackson.core"
             exclude group: "com.fasterxml.jackson.dataformat"
     }
-    pluginLibs (group: 'com.amazonaws', name: 'aws-java-sdk-sts', version: '1.12.470') {
+    pluginLibs (group: 'com.amazonaws', name: 'aws-java-sdk-sts', version: "${awsSdkVersion}") {
             exclude group: "com.fasterxml.jackson.core"
             exclude group: "com.fasterxml.jackson.dataformat"
     }
 
-
     //the compile dependency won't add the rundeck-core jar to the plugin contents
     implementation group: 'org.rundeck', name: 'rundeck-core', version: rundeckVersion
     testImplementation group: 'junit', name:'junit', version: '4.11'
diff --git a/gradle.properties b/gradle.properties
index acdea0e..d96d79c 100644
--- a/gradle.properties
+++ b/gradle.properties
@@ -1 +1,2 @@
 group=org.rundeck.plugins
+awsSdkVersion=1.12.777