Updates jline to 3.25.0 to resolve CVE-2023-50572. (opensearch-projec…

…t#4020) Signed-off-by: David Venable <[email protected]>
engechas · Jan 30, 2024 · 8f0268b · 8f0268b
1 parent a255822
commit 8f0268b
Show file tree

Hide file tree

Showing 2 changed files with 12 additions and 0 deletions.
diff --git a/build.gradle b/build.gradle
@@ -206,6 +206,12 @@ subprojects {
                 }
                 because 'CVE from transitive dependencies'
             }
+            implementation('org.jline:jline') {
+                version {
+                    require '3.25.0'
+                }
+                because 'CVE-2023-50572'
+            }
             implementation('org.json:json') {
                 version {
                     require '20231013'

diff --git a/performance-test/build.gradle b/performance-test/build.gradle
@@ -42,6 +42,12 @@ dependencies {
             }
             because 'Fixes CVE-2023-46122'
         }
+        zinc('org.jline:jline') {
+            version {
+                require '3.25.0'
+            }
+            because 'CVE-2023-50572'
+        }
     }
 }