From 8a65abd89b10dd4ade3097718638bc6be827625d Mon Sep 17 00:00:00 2001
From: TharmiganK <ktharmi176@gmail.com>
Date: Tue, 24 Sep 2024 15:58:33 +0530
Subject: [PATCH 1/3] Update protobuf version

---
 gradle.properties | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/gradle.properties b/gradle.properties
index ea88aade9f..0303be03bd 100644
--- a/gradle.properties
+++ b/gradle.properties
@@ -21,7 +21,7 @@ mockitoVersion=5.3.1
 gsonVersion=2.7
 lz4Version=1.3.0
 marshallingVersion=2.0.5.Final
-protobufVersion=3.20.3
+protobufVersion=3.25.5
 jacocoVersion=0.8.10
 ballerinaToOpenApiVersion=2.1.0
 swaggerCoreVersion=2.2.22

From 9d73cede8d3976da9e10ec97cbdab49f6b59f44a Mon Sep 17 00:00:00 2001
From: TharmiganK <ktharmi176@gmail.com>
Date: Tue, 24 Sep 2024 15:59:03 +0530
Subject: [PATCH 2/3] [Automated] Update the native jar versions

---
 ballerina/Ballerina.toml | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/ballerina/Ballerina.toml b/ballerina/Ballerina.toml
index 805cd6d732..c3435acef3 100644
--- a/ballerina/Ballerina.toml
+++ b/ballerina/Ballerina.toml
@@ -169,5 +169,5 @@ path = "./lib/lz4-1.3.0.jar"
 [[platform.java17.dependency]]
 groupId = "com.google.protobufl"
 artifactId = "protobuf-java"
-version = "3.20.3"
-path = "./lib/protobuf-java-3.20.3.jar"
+version = "3.25.5"
+path = "./lib/protobuf-java-3.25.5.jar"

From a5071ebce0e6aed78f165a71581042cffc3548d4 Mon Sep 17 00:00:00 2001
From: TharmiganK <ktharmi176@gmail.com>
Date: Tue, 24 Sep 2024 16:02:00 +0530
Subject: [PATCH 3/3] Update change log

---
 changelog.md | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/changelog.md b/changelog.md
index 6498c73ade..f427f1fed7 100644
--- a/changelog.md
+++ b/changelog.md
@@ -15,6 +15,10 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
 - [Add header name mapping support in record fields](https://github.com/ballerina-platform/ballerina-library/issues/7018)
 - [Introduce util functions to convert query and header record with the `http:Query` and the `http:Header` annotations](https://github.com/ballerina-platform/ballerina-library/issues/7019)
 
+### Fixed
+
+- [Address CVE-2024-7254 vulnerability](https://github.com/ballerina-platform/ballerina-library/issues/7013)
+
 ## [2.12.0] - 2024-08-20
 
 ### Added