diff --git a/build.gradle b/build.gradle index 260912ae48..0b1810cd1d 100644 --- a/build.gradle +++ b/build.gradle @@ -163,30 +163,35 @@ subprojects { } because 'CVE from transitive dependencies' } + implementation('org.xerial.snappy:snappy-java') { + version { + require '1.1.10.1' + } + because 'Fixes CVE-2023-35165, CVE-2023-34455, CVE-2023-34453, CVE-2023-34454, CVE-2023-2976' + } } } - test { - useJUnitPlatform() - } configurations.all { resolutionStrategy.eachDependency { def details -> if (details.requested.group == 'io.netty') { if (details.requested.name == 'netty') { - details.useTarget group: 'io.netty', name: 'netty-all', version: '4.1.86.Final' + details.useTarget group: 'io.netty', name: 'netty-all', version: '4.1.96.Final' // replace with your desired version } else if (!details.requested.name.startsWith('netty-tcnative')) { - details.useVersion '4.1.86.Final' + details.useVersion '4.1.96.Final' details.because 'Fixes CVE-2022-41881, CVE-2021-21290 and CVE-2022-41915.' } } else if (details.requested.group == 'log4j' && details.requested.name == 'log4j') { details.useTarget group: 'org.apache.logging.log4j', name: 'log4j-1.2-api', version: '2.17.1' - } else if (details.requested.group == 'org.xerial.snappy' && details.requested.name == 'snappy-java') { - details.useTarget group: 'org.xerial.snappy', name: 'snappy-java', version: '1.1.10.1' } } } + test { + useJUnitPlatform() + } + build.dependsOn test jacocoTestReport { dependsOn test // tests are required to run before generating the report diff --git a/data-prepper-core/src/test/java/org/opensearch/dataprepper/peerforwarder/PeerForwarder_ClientServerIT.java b/data-prepper-core/src/test/java/org/opensearch/dataprepper/peerforwarder/PeerForwarder_ClientServerIT.java index ea0c018ee4..2b4d875e45 100644 --- a/data-prepper-core/src/test/java/org/opensearch/dataprepper/peerforwarder/PeerForwarder_ClientServerIT.java +++ b/data-prepper-core/src/test/java/org/opensearch/dataprepper/peerforwarder/PeerForwarder_ClientServerIT.java @@ -11,6 +11,7 @@ import com.linecorp.armeria.common.ClosedSessionException; import com.linecorp.armeria.common.HttpStatus; import com.linecorp.armeria.server.Server; +import io.netty.handler.ssl.NotSslRecordException; import org.junit.jupiter.api.AfterEach; import org.junit.jupiter.api.BeforeEach; import org.junit.jupiter.api.Nested; @@ -326,7 +327,7 @@ void send_Events_to_server_when_expecting_SSL_should_throw(final boolean binaryC () -> client.serializeRecordsAndSendHttpRequest(outgoingRecords, LOCALHOST, pluginId, pipelineName).get()); assertThat(actualException.getCause(), instanceOf(UnprocessedRequestException.class)); - assertThat(actualException.getCause().getCause(), instanceOf(SSLHandshakeException.class)); + assertThat(actualException.getCause().getCause(), instanceOf(NotSslRecordException.class)); final Collection> receivedRecords = getServerSideRecords(peerForwarderProvider); assertThat(receivedRecords, notNullValue()); diff --git a/settings.gradle b/settings.gradle index 9178a01f05..7b2875f073 100644 --- a/settings.gradle +++ b/settings.gradle @@ -17,7 +17,7 @@ dependencyResolutionManagement { libs { version('slf4j', '2.0.6') library('slf4j-api', 'org.slf4j', 'slf4j-api').versionRef('slf4j') - version('armeria', '1.22.1') + version('armeria', '1.25.2') library('armeria-core', 'com.linecorp.armeria', 'armeria').versionRef('armeria') library('armeria-grpc', 'com.linecorp.armeria', 'armeria-grpc').versionRef('armeria') library('armeria-junit', 'com.linecorp.armeria', 'armeria-junit5').versionRef('armeria')