GraalVM 24.0.6, json-path 2.9.0 fixing vulns

Description

Upgrade graalvm from 22.3.2 to 23.0.6 fixing many security vulnerabilities:

https://security.snyk.io/package/maven/org.graalvm.sdk:graal-sdk

Upgrade json-path from 2.8.0 to 2.9.0 fixing a security vulnerability:

https://security.snyk.io/package/maven/com.jayway.jsonpath:json-path

Environment

None

Potential Workaround

None

Linked issues

relates to

RSRVR-131

mod-reservoir. Upgrade Vert.X to 4.5.3 for Quesnelia

Checklist

hide

Activity

Show:

Julian LadischJanuary 2, 2025 at 5:17 PM
Edited

This commit

https://github.com/folio-org/mod-reservoir/commit/ceb88311dcccffa60272f5e2a88b3c18c475c1a8

has bumped the versions:

vertx from 4.4.6 to 4.5.11
Netty from 4.1.100.Final to 4.1.115.Final

Remaining task:

Bump graalvm.
Bump json-path.

Done

Details
Assignee
Julian Ladisch
Reporter
Julian Ladisch
Labels
security
Priority
TBD
Development Team
Reservoir Dogs
TestRail: Cases
Open TestRail: Cases
TestRail: Runs
Open TestRail: Runs

Created November 7, 2024 at 2:43 PM

Updated January 14, 2025 at 5:01 PM

Resolved January 14, 2025 at 5:01 PM

TestRail: Cases

TestRail: Runs

GraalVM 24.0.6, json-path 2.9.0 fixing vulns

Description

Environment

Potential Workaround

Linked issues

relates to

Checklist

Activity

Julian LadischJanuary 2, 2025 at 5:17 PMEdited

DetailsAssigneeJulian LadischJulian LadischReporterJulian LadischJulian LadischLabelssecurityPriorityTBDDevelopment TeamReservoir DogsTestRail: CasesOpen TestRail: CasesTestRail: RunsOpen TestRail: Runs

Details

Assignee

Reporter

Labels

Priority

Development Team

TestRail: Cases

TestRail: Runs

Julian LadischJanuary 2, 2025 at 5:17 PM
Edited

Details
Assignee
Julian Ladisch
Reporter
Julian Ladisch
Labels
security
Priority
TBD
Development Team
Reservoir Dogs
TestRail: Cases
Open TestRail: Cases
TestRail: Runs
Open TestRail: Runs