diff --git a/build.gradle b/build.gradle
index ac44b03ffd..02730349e2 100644
--- a/build.gradle
+++ b/build.gradle
@@ -11,15 +11,15 @@ plugins {
}
ext {
- jettyVersion = "11.0.11"
+ jettyVersion = "11.0.20"
eclipselinkVersion = "3.0.2"
swaggerVersion = "2.1.13"
jerseyVersion = "3.0.4"
slf4jVersion = "1.7.36"
- logbackVersion = "1.2.11"
+ logbackVersion = "1.2.13"
hk2Version = "3.0.2"
- jacksonVersion = "2.14.2"
- jacksonDatabindVersion = "2.14.2"
+ jacksonVersion = "2.16.2"
+ jacksonDatabindVersion = "2.16.2"
}
allprojects {
@@ -68,7 +68,7 @@ allprojects {
testImplementation "nl.jqno.equalsverifier:equalsverifier:3.7.1"
testImplementation "com.mockrunner:mockrunner-jdbc:2.0.4"
- implementation "org.yaml:snakeyaml:1.33" // transitive dependency of jackson-databind:2.13.3
+ implementation 'org.yaml:snakeyaml:2.0' // transitive dependency of jackson-databind:2.13.3
implementation "commons-cli:commons-cli:1.5.0"
implementation "commons-codec:commons-codec:1.15"
@@ -108,7 +108,7 @@ allprojects {
implementation "org.eclipse.jetty:jetty-http:$jettyVersion"
implementation "org.eclipse.jetty:jetty-util:$jettyVersion"
- implementation "org.cryptacular:cryptacular:1.2.4"
+ implementation "org.cryptacular:cryptacular:1.2.6"
implementation "eu.neilalexander:jnacl:1.0.0"
implementation("io.swagger.core.v3:swagger-annotations-jakarta:$swaggerVersion")
@@ -116,14 +116,14 @@ allprojects {
implementation('io.swagger.parser.v3:swagger-parser-v3:2.0.27')
implementation "io.swagger.core.v3:swagger-jaxrs2-jakarta:$swaggerVersion"
- implementation "org.bouncycastle:bcpkix-jdk15on:1.68"
- implementation "org.bouncycastle:bcprov-jdk15on:1.68"
+ implementation "org.bouncycastle:bcpkix-jdk18on:1.78"
+ implementation "org.bouncycastle:bcprov-jdk18on:1.78"
implementation "com.h2database:h2:2.1.214"
implementation "com.zaxxer:HikariCP:5.0.1"
implementation "org.hsqldb:hsqldb:2.7.1"
- implementation "org.xerial:sqlite-jdbc:3.30.1"
+ implementation "org.xerial:sqlite-jdbc:3.45.1.0"
api 'org.eclipse.jetty.toolchain:jetty-jakarta-servlet-api:5.0.2'
api "jakarta.ws.rs:jakarta.ws.rs-api:3.0.0"
diff --git a/cvss-suppressions.xml b/cvss-suppressions.xml
index 77f449ef14..1cee3e334a 100644
--- a/cvss-suppressions.xml
+++ b/cvss-suppressions.xml
@@ -27,17 +27,6 @@
- ^pkg:maven/org.yaml/snakeyaml@1.33
- CVE-2022-41854
- CVE-2022-3064
- CVE-2022-38752
- CVE-2022-1471
- CVE-2021-4235
-
-
-
^pkg:maven/commons-io/commons-io@2.11.0
@@ -63,6 +52,7 @@
]]>
^pkg:maven/org\.glassfish/jakarta\.json@.*$
CVE-2022-45688
+ CVE-2023-5072
^pkg:maven/org\.glassfish/jsonp-jaxrs@.*$
CVE-2022-45688
+ CVE-2023-5072
^pkg:maven/jakarta\.json/jakarta\.json-api@.*$
CVE-2022-45688
+ CVE-2023-5072
^pkg:maven/com\.fasterxml\.jackson\.core/jackson-core@.*$
CVE-2022-45688
+ CVE-2023-5072
diff --git a/enclave/enclave-api/build.gradle b/enclave/enclave-api/build.gradle
index 44817c2d6a..835a4fa56e 100644
--- a/enclave/enclave-api/build.gradle
+++ b/enclave/enclave-api/build.gradle
@@ -7,7 +7,7 @@ dependencies {
implementation project(":encryption:encryption-api")
implementation project(":shared")
implementation project(":key-vault:key-vault-api")
- implementation "org.bouncycastle:bcpkix-jdk15on"
+ implementation "org.bouncycastle:bcpkix-jdk18on"
implementation "com.fasterxml.jackson.core:jackson-databind:$jacksonDatabindVersion"
implementation "com.fasterxml.jackson.dataformat:jackson-dataformat-cbor:$jacksonVersion"
diff --git a/enclave/enclave-jaxrs/build.gradle b/enclave/enclave-jaxrs/build.gradle
index 507307ee82..919c3776d7 100644
--- a/enclave/enclave-jaxrs/build.gradle
+++ b/enclave/enclave-jaxrs/build.gradle
@@ -61,8 +61,8 @@ dependencies {
implementation "org.glassfish.jersey.media:jersey-media-json-processing"
runtimeOnly "org.glassfish.jersey.media:jersey-media-moxy"
runtimeOnly "com.sun.mail:jakarta.mail"
- implementation "org.bouncycastle:bcprov-jdk15on"
- implementation "org.bouncycastle:bcpkix-jdk15on"
+ implementation "org.bouncycastle:bcprov-jdk18on"
+ implementation "org.bouncycastle:bcpkix-jdk18on"
implementation project(":server:jersey-server")
diff --git a/encryption/encryption-api/build.gradle b/encryption/encryption-api/build.gradle
index ddd06516cb..f183a3b6f3 100644
--- a/encryption/encryption-api/build.gradle
+++ b/encryption/encryption-api/build.gradle
@@ -4,5 +4,5 @@ plugins {
dependencies {
implementation project(":shared")
- testImplementation "org.bouncycastle:bcpkix-jdk15on"
+ testImplementation "org.bouncycastle:bcpkix-jdk18on"
}
diff --git a/encryption/encryption-ec/build.gradle b/encryption/encryption-ec/build.gradle
index 497d9360d4..aa2fc3e52f 100644
--- a/encryption/encryption-ec/build.gradle
+++ b/encryption/encryption-ec/build.gradle
@@ -4,5 +4,5 @@ plugins {
dependencies {
implementation project(":encryption:encryption-api")
- implementation "org.bouncycastle:bcpkix-jdk15on"
+ implementation "org.bouncycastle:bcpkix-jdk18on"
}
diff --git a/key-generation/build.gradle b/key-generation/build.gradle
index 0effd71659..73cb1458d7 100644
--- a/key-generation/build.gradle
+++ b/key-generation/build.gradle
@@ -7,6 +7,6 @@ dependencies {
implementation project(":config")
implementation project(":shared")
implementation project(":key-vault:key-vault-api")
- implementation "org.bouncycastle:bcprov-jdk15on"
+ implementation "org.bouncycastle:bcprov-jdk18on"
testRuntimeOnly project(":encryption:encryption-ec")
}
diff --git a/key-vault/azure-key-vault/build.gradle b/key-vault/azure-key-vault/build.gradle
index c7bbf1c727..e7a13f4413 100644
--- a/key-vault/azure-key-vault/build.gradle
+++ b/key-vault/azure-key-vault/build.gradle
@@ -21,17 +21,17 @@ dependencies {
implementation project(":config")
implementation project(":key-vault:key-vault-api")
- implementation ("com.azure:azure-security-keyvault-secrets:4.4.2") {
+ implementation ("com.azure:azure-security-keyvault-secrets:4.8.2") {
exclude group: 'com.azure', module: 'azure-core-http-netty'
}
- implementation("com.azure:azure-identity:1.5.1") {
+ implementation("com.azure:azure-identity:1.11.4") {
exclude group: 'com.azure', module: 'azure-core-http-netty'
}
- implementation("com.azure:azure-core:1.29.1") {
+ implementation("com.azure:azure-core:1.37.0") {
exclude group: 'com.azure', module: 'azure-core-http-netty'
}
- implementation 'com.azure:azure-core-http-okhttp:1.10.1'
- implementation 'com.squareup.okio:okio:3.1.0'
+ implementation 'com.azure:azure-core-http-okhttp:1.11.0'
+ implementation 'com.squareup.okio:okio:3.4.0'
testImplementation "org.glassfish:jakarta.json"
diff --git a/security/build.gradle b/security/build.gradle
index 8b9a35d1a0..7e836700b3 100644
--- a/security/build.gradle
+++ b/security/build.gradle
@@ -2,11 +2,17 @@ plugins {
id "java-library"
}
+configurations.all {
+ resolutionStrategy {
+ force 'org.bouncycastle:bcprov-jdk18on:1.78'
+ }
+}
+
dependencies {
implementation project(":config")
implementation project(":shared")
- implementation "org.bouncycastle:bcpkix-jdk15on"
- implementation "org.bouncycastle:bcprov-jdk15on"
+ implementation "org.bouncycastle:bcpkix-jdk18on"
+ implementation "org.bouncycastle:bcprov-jdk18on"
implementation "org.cryptacular:cryptacular"
implementation "jakarta.xml.bind:jakarta.xml.bind-api"
diff --git a/tessera-core/build.gradle b/tessera-core/build.gradle
index df7a2752ae..5ac3901c66 100644
--- a/tessera-core/build.gradle
+++ b/tessera-core/build.gradle
@@ -18,7 +18,7 @@ dependencies {
implementation "jakarta.transaction:jakarta.transaction-api"
implementation "jakarta.annotation:jakarta.annotation-api"
- implementation "org.bouncycastle:bcpkix-jdk15on"
+ implementation "org.bouncycastle:bcpkix-jdk18on"
testImplementation project(":cli:cli-api")
diff --git a/tessera-data/build.gradle b/tessera-data/build.gradle
index 66ec7191e3..03bf48279d 100644
--- a/tessera-data/build.gradle
+++ b/tessera-data/build.gradle
@@ -10,7 +10,7 @@ dependencies {
implementation project(":encryption:encryption-api")
implementation project(":eclipselink-utils")
implementation "jakarta.transaction:jakarta.transaction-api"
- implementation "org.bouncycastle:bcprov-jdk15on"
+ implementation "org.bouncycastle:bcprov-jdk18on"
implementation "jakarta.validation:jakarta.validation-api"
runtimeOnly "com.h2database:h2"
implementation "com.zaxxer:HikariCP"
diff --git a/tessera-dist/build.gradle b/tessera-dist/build.gradle
index a2be4e93ea..75f8fcb178 100644
--- a/tessera-dist/build.gradle
+++ b/tessera-dist/build.gradle
@@ -80,7 +80,7 @@ dependencies {
implementation project(":tessera-context")
- implementation "org.bouncycastle:bcpkix-jdk15on"
+ implementation "org.bouncycastle:bcpkix-jdk18on"
implementation "jakarta.inject:jakarta.inject-api"
implementation "org.glassfish.jersey.core:jersey-common"
diff --git a/tessera-jaxrs/openapi/generate/build.gradle b/tessera-jaxrs/openapi/generate/build.gradle
index b2a85062c7..b071c76e87 100644
--- a/tessera-jaxrs/openapi/generate/build.gradle
+++ b/tessera-jaxrs/openapi/generate/build.gradle
@@ -4,7 +4,7 @@ plugins {
configurations.all {
resolutionStrategy {
- force 'org.yaml:snakeyaml:1.33', 'com.fasterxml.jackson.core:jackson-databind:2.14.0-rc1'
+ force 'org.yaml:snakeyaml:2.0', 'com.fasterxml.jackson.core:jackson-databind:2.16.2'
}
}
diff --git a/tessera-jaxrs/sync-jaxrs/build.gradle b/tessera-jaxrs/sync-jaxrs/build.gradle
index 9daf45e5ba..d28249a485 100644
--- a/tessera-jaxrs/sync-jaxrs/build.gradle
+++ b/tessera-jaxrs/sync-jaxrs/build.gradle
@@ -5,7 +5,7 @@ plugins {
configurations.all {
resolutionStrategy {
- force 'org.yaml:snakeyaml:1.33', 'com.fasterxml.jackson.core:jackson-databind:2.14.0-rc1'
+ force 'org.yaml:snakeyaml:2.0', 'com.fasterxml.jackson.core:jackson-databind:2.16.2'
}
}
diff --git a/tessera-jaxrs/thirdparty-jaxrs/build.gradle b/tessera-jaxrs/thirdparty-jaxrs/build.gradle
index 4fe4a3aa7e..a971f254d4 100644
--- a/tessera-jaxrs/thirdparty-jaxrs/build.gradle
+++ b/tessera-jaxrs/thirdparty-jaxrs/build.gradle
@@ -5,7 +5,7 @@ plugins {
configurations.all {
resolutionStrategy {
- force 'org.yaml:snakeyaml:1.33', 'com.fasterxml.jackson.core:jackson-databind:2.14.0-rc1'
+ force 'org.yaml:snakeyaml:2.0', 'com.fasterxml.jackson.core:jackson-databind:2.16.2'
}
}
diff --git a/tessera-jaxrs/transaction-jaxrs/build.gradle b/tessera-jaxrs/transaction-jaxrs/build.gradle
index a252ff421e..7dc03bded7 100644
--- a/tessera-jaxrs/transaction-jaxrs/build.gradle
+++ b/tessera-jaxrs/transaction-jaxrs/build.gradle
@@ -5,7 +5,7 @@ plugins {
configurations.all {
resolutionStrategy {
- force 'org.yaml:snakeyaml:1.33', 'com.fasterxml.jackson.core:jackson-databind:2.14.0-rc1'
+ force 'org.yaml:snakeyaml:2.0', 'com.fasterxml.jackson.core:jackson-databind:2.16.2'
}
}
diff --git a/tests/acceptance-test/build.gradle b/tests/acceptance-test/build.gradle
index dbb8bf9ffe..9dca85e7b0 100644
--- a/tests/acceptance-test/build.gradle
+++ b/tests/acceptance-test/build.gradle
@@ -54,8 +54,8 @@ dependencies {
testImplementation "com.github.jnr:jnr-unixsocket"
testImplementation "org.glassfish:jakarta.el"
- testImplementation "org.bouncycastle:bcpkix-jdk15on"
- testImplementation "org.bouncycastle:bcprov-jdk15on"
+ testImplementation "org.bouncycastle:bcpkix-jdk18on"
+ testImplementation "org.bouncycastle:bcprov-jdk18on"
testRuntimeOnly "org.eclipse.persistence:org.eclipse.persistence.moxy"
@@ -70,7 +70,7 @@ dependencies {
testImplementation "org.eclipse.jetty:jetty-servlet"
- testImplementation "org.yaml:snakeyaml"
+ implementation "org.yaml:snakeyaml"
}
diff --git a/tests/acceptance-test/src/main/java/module-info.java b/tests/acceptance-test/src/main/java/module-info.java
index 192791dcb5..a4acfcc9d3 100644
--- a/tests/acceptance-test/src/main/java/module-info.java
+++ b/tests/acceptance-test/src/main/java/module-info.java
@@ -17,4 +17,5 @@
requires jdk.httpserver;
requires java.net.http;
requires jakarta.json;
+ requires org.yaml.snakeyaml;
}