Skip to content

Commit

Permalink
Merge pull request #165 from bci-oss/bugfix/fix-security-issues
Browse files Browse the repository at this point in the history
Fix security issues
  • Loading branch information
tunacicek authored Oct 10, 2024
2 parents ef2d9c7 + 284e0de commit ab2e8b4
Show file tree
Hide file tree
Showing 2 changed files with 22 additions and 29 deletions.
45 changes: 19 additions & 26 deletions CHANGELOG.md
Original file line number Diff line number Diff line change
Expand Up @@ -5,86 +5,79 @@ All notable changes to this project will be documented in this file.
The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/), and this project adheres
to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).

## 0.4.0

## 0.5.0-RC1
### Added
### fixed
- Update Spring Boot to version 3.3.4
- Update lombok to version 1.18.34

## fixed
## 0.4.0
### Added
### fixed
- Implemented mandatory changes in licensing and legal documentation
- Updated spring boot version to 3.3.1

## 0.3.1
### Added
## fixed
### fixed
- security fix spring-web:6.1.5.jar

## 0.3.0
### Added
- Update Springboot to version 3.2.4
- Update Springboot to version 3.2.3
- Update postgres dependency version to 42.7.2

## fixed
### fixed

## 0.2.8
### Added
- new field "timeToLive" to DiscoveryEndpoint added, so that a time to live can be provided for the self registration at the DiscoveryFinder

## fixed
### fixed

## 0.2.7
### Added

## fixed
### fixed
- AUTHORS.md updated
- SECURITY.md updated
- Updated link to INSTALL.md at README.md to be reachable from DockerHub
- Spring Boot version updated to 3.1.6 to fix CVE-2023-46589 and CVE-2023-34053
- update logback version to fix CVE-2023-6378


## 0.2.6
### Added
- Introduced versioning of the APIs of the Discovery Services.First version of this API is 1.0

## fixed

### fixed

## 0.2.5-M1
### Added
- new workflow for testing Helm chart
- Resource Management has been improved

## fixed
### fixed

## 0.2.4-M1
### Added
- new resource management for Kubernetes added
- Adjustment done to the Helm Chart structure

## fixed

### fixed

## 0.2.3-M1
### Added
- Add legal information for distributions in jar

## fixed
### fixed

## 0.2.2-M1
### Added

## fixed
### fixed
- Fix CVE-2023-34035 (update springboot to version 3.1.2)

## 0.2.1-M1
### Added

## fixed
### fixed
- fix CVE-2023-20862
- fix CVE-2023-20873

## 0.2.0-M1
### Added
- Provide APIs to create, delete and update bpn-discoveries
-
## fixed
### fixed
6 changes: 3 additions & 3 deletions pom.xml
Original file line number Diff line number Diff line change
Expand Up @@ -24,7 +24,7 @@
<parent>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-parent</artifactId>
<version>3.3.1</version> <!-- need to be repeated in properties section for technical purposes -->
<version>3.3.4</version> <!-- need to be repeated in properties section for technical purposes -->
<relativePath/> <!-- lookup parent from repository and not the filesystem -->
</parent>

Expand Down Expand Up @@ -64,9 +64,9 @@

<!-- version properties -->
<!-- framework and base stuff -->
<spring.boot.version>3.3.1</spring.boot.version>
<spring.boot.version>3.3.4</spring.boot.version>
<spring-framework.version>6.1.6</spring-framework.version>
<lombok.version>1.18.24</lombok.version>
<lombok.version>1.18.34</lombok.version>
<openapi-starter-webmvc-ui.version>2.0.2</openapi-starter-webmvc-ui.version>
<swagger-annotations.version>1.5.20</swagger-annotations.version>
<swagger-core-version>2.0.0</swagger-core-version>
Expand Down

0 comments on commit ab2e8b4

Please sign in to comment.