honeymoose
/
jjwt
mirror of https://github.com/jwtk/jjwt.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Upgraded org.json dependency to 20231013 

* Upgrades org.json dependency to 20231013 (#862)
This commit is contained in:
lhazlewood 2023-10-14 17:20:25 -07:00 committed by GitHub
parent db339704e5
commit 28a2ca716a
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
2 changed files with 11 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
CHANGELOG.md
View File

@ -1,5 +1,14 @@
## Release Notes
### 0.12.3
This patch release:
* Upgrades the `org.json` dependency to `20231013` to address that library's
[CVE-2023-5072](https://nvd.nist.gov/vuln/detail/CVE-2023-5072) vulnerability.
* (Re-)enables empty values for custom claims, which was the behavior in <= 0.11.5.
[Issue 858](https://github.com/jwtk/jjwt/issues/858).
### 0.12.2
This is a follow-up release to finalize the work in 0.12.1 that tried to fix a reflection scope problem

3
pom.xml
View File

@ -110,7 +110,7 @@
<buildNumber>${user.name}-${maven.build.timestamp}</buildNumber>
<jackson.version>2.12.7.1</jackson.version>
<orgjson.version>20230618</orgjson.version>
<orgjson.version>20231013</orgjson.version>
<gson.version>2.9.0</gson.version>
<maven.javadoc.additionalOptions />
@ -677,6 +677,7 @@
<properties>
<maven.jar.version>3.2.2</maven.jar.version>
<maven.compiler.version>3.8.1</maven.compiler.version>
<orgjson.version>20230618</orgjson.version>
<bcprov.artifactId>bcprov-jdk15to18</bcprov.artifactId>
<bcpkix.artifactId>bcpkix-jdk15to18</bcpkix.artifactId>
</properties>