honeymoose
/
hapi-fhir
mirror of https://github.com/hapifhir/hapi-fhir.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

H2 CVE (#3291) 

* Bump h2 to address CVE-2021-42392

* update changes.yaml
This commit is contained in:
Tadgh 2022-01-10 15:56:13 -08:00 committed by GitHub
parent 737409955a
commit fb453e139d
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
2 changed files with 2 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
hapi-fhir-docs/src/main/resources/ca/uhn/hapi/fhir/changelog/5_7_0/changes.yaml
View File

@ -15,7 +15,7 @@
<li>Spring-Data (JPA): 2.5.0 -> 2.6.0</li>
<li>Hibernate ORM (JPA): 5.4.30.Final -> 5.4.33</li>
<li>Flyway (JPA): 6.5.4 -> 8.3.0</li>
<li>H2 (JPA): 1.4.200 -> 2.0.204 (Note that this change requires the use of the HapiFhirH2Dialect instead of the built-in Hibernate H2Dialect due to Hibernate issue <a href='https://hibernate.atlassian.net/browse/HHH-15002'>HHH-15002</a></li>
<li>H2 (JPA): 1.4.200 -> 2.0.206 (Note that this change requires the use of the HapiFhirH2Dialect instead of the built-in Hibernate H2Dialect due to Hibernate issue <a href='https://hibernate.atlassian.net/browse/HHH-15002'>HHH-15002</a></li>
<li>Commons-DBCP2 (JPA): .8.0 -> .8.0 -> 2.9.0</li>
<li>Swagger-Models (OpenAPI Support): 2.1.7 -> 2.1.12</li>
<li>Thymeleaf (Testpage Overlay): 3.0.12.RELEASE -> 3.0.14.RELEASE (Addresses CVE-2021-43466)</li>

2
pom.xml
View File

@ -962,7 +962,7 @@
<dependency>
<groupId>com.h2database</groupId>
<artifactId>h2</artifactId>
<version>2.0.204</version>
<version>2.0.206</version>
</dependency>
<dependency>
<groupId>com.helger</groupId>