Skip to content

Commit

Permalink
Fix security Issues
Browse files Browse the repository at this point in the history
  • Loading branch information
@tunacicek
tunacicek committed Oct 9, 2024
1 parent 1470d41 commit 8146de2
Show file tree
Hide file tree
Showing 2 changed files with 21 additions and 27 deletions.
42 changes: 18 additions & 24 deletions CHANGELOG.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -5,78 +5,72 @@ All notable changes to this project will be documented in this file.
The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/), and this project adheres
to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).

## 0.4.0
## 0.5.0-RC1
### Added
### fixed
- Update Spring Boot to version 3.3.4
- Update lombok to version 1.18.34

## 0.4.0
### Added
## fixed
- Implemented mandatory changes in licensing and legal documentation
- updated spring boot version to 3.3.1

## 0.3.1
### Added
## fixed
### fixed
- security fix spring-web:6.1.5.jar

## 0.3.0
### Added
- Update Springboot to version 3.2.4

## fixed
### fixed

## 0.2.7
### Added
- new timeToLive field added to Endpoints

## fixed
### fixed

## 0.2.6
### Added

## fixed
### fixed
- Spring Boot version updated to 3.1.6 to fix CVE-2023-46589 and CVE-2023-34053
- update logback version to fix CVE-2023-6378

## 0.2.5
### Added
- Introduced versioning of the APIs of the Discovery Finder.First version of this API is 1.0

## fixed

### fixed

## 0.2.4-M1
### Added
- Add new workflow for testing Helm chart
- Resource Management has been adjusted in Helm chart

## fixed
- Resource Management has been adjusted in Helm chart
### fixed

## 0.2.3-M1
### Added
- Add legal information for distributions in jar

## fixed
### fixed

## 0.2.2-M1
### Added

## fixed
### fixed
- Fix CVE-2023-34035 (update springboot to version 3.1.2)

## 0.2.1-M1
### Added
- added functionality to create initial endpoints on application start

## fixed
### fixed

## 0.2.0-M1
### Added

## fixed
### fixed
- fix CVE-2023-20862
- fix CVE-2023-20873

## 0.1.0-M1
### Added
- Provide APIs to create, delete and update discovery-endpoints

## fixed
### fixed
6 changes: 3 additions & 3 deletions pom.xml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -25,7 +25,7 @@
<parent>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-parent</artifactId>
<version>3.3.1</version> <!-- need to be repeated in properties section for technical purposes -->
<version>3.3.4</version> <!-- need to be repeated in properties section for technical purposes -->
<relativePath/> <!-- lookup parent from repository and not the filesystem -->
</parent>

Expand Down Expand Up @@ -65,9 +65,9 @@

<!-- version properties -->
<!-- framework and base stuff -->
<spring.boot.version>3.3.1</spring.boot.version>
<spring.boot.version>3.3.4</spring.boot.version>
<spring-framework.version>6.1.6</spring-framework.version>
<lombok.version>1.18.24</lombok.version>
<lombok.version>1.18.34</lombok.version>
<openapi-starter-webmvc-ui.version>2.0.2</openapi-starter-webmvc-ui.version>
<swagger-annotations.version>1.5.20</swagger-annotations.version>
<swagger-core-version>2.0.0</swagger-core-version>
Expand Down

0 comments on commit 8146de2

Please sign in to comment.