From 988969afe8dc335f8fef9732d5eda3fd6d917366 Mon Sep 17 00:00:00 2001 From: Nuvindu Date: Mon, 16 Oct 2023 14:35:33 +0530 Subject: [PATCH 1/3] [Automated] Update the native jar versions --- ballerina/Ballerina.toml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/ballerina/Ballerina.toml b/ballerina/Ballerina.toml index 39d6ca3..16f0018 100644 --- a/ballerina/Ballerina.toml +++ b/ballerina/Ballerina.toml @@ -25,8 +25,8 @@ path = "../native/build/libs/soap-native-0.8.0-SNAPSHOT.jar" [[platform.java17.dependency]] groupId = "org.apache.wss4j" artifactId = "wss4j-ws-security-dom" -version = "3.0.1" -path = "./lib/wss4j-ws-security-dom-3.0.1.jar" +version = "2.0.2" +path = "./lib/wss4j-ws-security-dom-2.0.2.jar" [[platform.java17.dependency]] groupId = "org.apache.wss4j" From 97da5f44b438f809432e5a1476847153f1ceb375 Mon Sep 17 00:00:00 2001 From: Nuvindu Date: Mon, 16 Oct 2023 14:44:30 +0530 Subject: [PATCH 2/3] Ignore SAML vulnerability --- .trivyignore | 2 ++ 1 file changed, 2 insertions(+) create mode 100644 .trivyignore diff --git a/.trivyignore b/.trivyignore new file mode 100644 index 0000000..9402342 --- /dev/null +++ b/.trivyignore @@ -0,0 +1,2 @@ +# False positive +CVE-2014-3623 From b0c763a6dc225df9a3b206f9de0f0d31bd99b6b7 Mon Sep 17 00:00:00 2001 From: Nuvindu Date: Mon, 16 Oct 2023 14:45:04 +0530 Subject: [PATCH 3/3] [Automated] Update the native jar versions --- ballerina/Ballerina.toml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/ballerina/Ballerina.toml b/ballerina/Ballerina.toml index 16f0018..39d6ca3 100644 --- a/ballerina/Ballerina.toml +++ b/ballerina/Ballerina.toml @@ -25,8 +25,8 @@ path = "../native/build/libs/soap-native-0.8.0-SNAPSHOT.jar" [[platform.java17.dependency]] groupId = "org.apache.wss4j" artifactId = "wss4j-ws-security-dom" -version = "2.0.2" -path = "./lib/wss4j-ws-security-dom-2.0.2.jar" +version = "3.0.1" +path = "./lib/wss4j-ws-security-dom-3.0.1.jar" [[platform.java17.dependency]] groupId = "org.apache.wss4j"