From 1358d2124f39dd4b6b5df666757ab8ba942cea6d Mon Sep 17 00:00:00 2001 From: MohamedSabthar Date: Fri, 20 Oct 2023 10:15:56 +0530 Subject: [PATCH 1/3] [Automated] Update the native jar versions --- ballerina/Ballerina.toml | 18 +++++++++--------- ballerina/CompilerPlugin.toml | 2 +- ballerina/Dependencies.toml | 8 ++++---- 3 files changed, 14 insertions(+), 14 deletions(-) diff --git a/ballerina/Ballerina.toml b/ballerina/Ballerina.toml index adfce512..0a5b1693 100644 --- a/ballerina/Ballerina.toml +++ b/ballerina/Ballerina.toml @@ -1,7 +1,7 @@ [package] org = "ballerina" name = "udp" -version = "1.4.0" +version = "1.4.1" authors = ["Ballerina"] keywords = ["UDP", "datagram", "transport"] repository = "https://github.com/ballerina-platform/module-ballerina-udp" @@ -12,24 +12,24 @@ distribution = "2201.2.0" [[platform.java11.dependency]] groupId = "io.ballerina.stdlib" artifactId = "udp-native" -version = "1.4.0" -path = "../native/build/libs/udp-native-1.4.0.jar" +version = "1.4.1" +path = "../native/build/libs/udp-native-1.4.1-SNAPSHOT.jar" [[platform.java11.dependency]] -path = "../test-utils/build/libs/udp-test-utils-1.4.0.jar" +path = "../test-utils/build/libs/udp-test-utils-1.4.1-SNAPSHOT.jar" scope = "testOnly" [[platform.java11.dependency]] -path = "./lib/netty-handler-4.1.77.Final.jar" +path = "./lib/netty-handler-4.1.100.Final.jar" [[platform.java11.dependency]] -path = "./lib/netty-buffer-4.1.77.Final.jar" +path = "./lib/netty-buffer-4.1.100.Final.jar" [[platform.java11.dependency]] -path = "./lib/netty-transport-4.1.77.Final.jar" +path = "./lib/netty-transport-4.1.100.Final.jar" [[platform.java11.dependency]] -path = "./lib/netty-common-4.1.77.Final.jar" +path = "./lib/netty-common-4.1.100.Final.jar" [[platform.java11.dependency]] -path = "./lib/netty-resolver-4.1.77.Final.jar" +path = "./lib/netty-resolver-4.1.100.Final.jar" diff --git a/ballerina/CompilerPlugin.toml b/ballerina/CompilerPlugin.toml index 5a0af828..199977c3 100644 --- a/ballerina/CompilerPlugin.toml +++ b/ballerina/CompilerPlugin.toml @@ -3,4 +3,4 @@ id = "udp-plugin" class = "io.ballerina.stdlib.udp.compiler.UdpCompilerPlugin" [[dependency]] -path = "../compiler-plugin/build/libs/udp-compiler-plugin-1.4.0.jar" +path = "../compiler-plugin/build/libs/udp-compiler-plugin-1.4.1-SNAPSHOT.jar" diff --git a/ballerina/Dependencies.toml b/ballerina/Dependencies.toml index 0b353fff..2bdac322 100644 --- a/ballerina/Dependencies.toml +++ b/ballerina/Dependencies.toml @@ -9,7 +9,7 @@ dependencies-toml-version = "2" [[package]] org = "ballerina" name = "io" -version = "1.3.0" +version = "1.3.1" scope = "testOnly" dependencies = [ {org = "ballerina", name = "jballerina.java"}, @@ -39,7 +39,7 @@ dependencies = [ [[package]] org = "ballerina" name = "log" -version = "2.4.0" +version = "2.4.1" scope = "testOnly" dependencies = [ {org = "ballerina", name = "io"}, @@ -54,7 +54,7 @@ modules = [ [[package]] org = "ballerina" name = "observe" -version = "1.0.5" +version = "1.0.6" scope = "testOnly" dependencies = [ {org = "ballerina", name = "jballerina.java"} @@ -75,7 +75,7 @@ modules = [ [[package]] org = "ballerina" name = "udp" -version = "1.4.0" +version = "1.4.1" dependencies = [ {org = "ballerina", name = "io"}, {org = "ballerina", name = "jballerina.java"}, From 0daa04971423edaaeb4413b29d5c8ba66e5ac371 Mon Sep 17 00:00:00 2001 From: MohamedSabthar Date: Fri, 20 Oct 2023 10:17:14 +0530 Subject: [PATCH 2/3] Update netty version --- gradle.properties | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/gradle.properties b/gradle.properties index 23a08f00..9dae6dca 100644 --- a/gradle.properties +++ b/gradle.properties @@ -1,6 +1,6 @@ org.gradle.caching=true group=io.ballerina.stdlib -version=1.4.0 +version=1.4.1-SNAPSHOT ballerinaLangVersion=2201.2.0 puppycrawlCheckstyleVersion=8.18 @@ -8,7 +8,7 @@ githubJohnrengelmanShadowVersion=5.2.0 checkstyleToolVersion=7.8.2 githubSpotbugsVersion=4.5.1 testngVersion=7.4.0 -nettyVersion=4.1.77.Final +nettyVersion=4.1.100.Final underCouchDownloadVersion=4.0.4 researchgateReleaseVersion=2.8.0 slf4jVersion=1.7.30 From c141ee95d065947ee2b8d6614646c58ecef4e9e4 Mon Sep 17 00:00:00 2001 From: MohamedSabthar Date: Fri, 20 Oct 2023 10:42:40 +0530 Subject: [PATCH 3/3] Update changelog --- changelog.md | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/changelog.md b/changelog.md index 53e5d282..55011f53 100644 --- a/changelog.md +++ b/changelog.md @@ -5,5 +5,10 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/), ## [Unreleased] +### Fixed +- [Address netty vulnerability: CVE-2023-4586](https://github.com/ballerina-platform/ballerina-standard-library/issues/4908) + +## [1.1.0] - 2021-12-14 + ### Changed - [[#2398]Mark Service type as distinct](https://github.com/ballerina-platform/ballerina-standard-library/issues/2398)