Skip to content

Commit

Permalink
Security/fix CVE 2024 36114 (#57)
Browse files Browse the repository at this point in the history 
* Security update - fix for CVE-2024-36114
  • Loading branch information
@pj-spoelders
pj-spoelders committed Jun 4, 2024
1 parent ee61ff4 commit 40350a8
Show file tree
Hide file tree
Showing 11 changed files with 57 additions and 35 deletions.
2 changes: 2 additions & 0 deletions .github/workflows/broken_links_checker.yml
View file

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

7 changes: 0 additions & 7 deletions .github/workflows/ci-build-next-java.yml
View file

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

3 changes: 1 addition & 2 deletions .github/workflows/ci-build.yml
View file

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

14 changes: 5 additions & 9 deletions .github/workflows/dependencies_update.yml
View file

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

6 changes: 3 additions & 3 deletions dependencies.md
View file

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

1 change: 1 addition & 0 deletions doc/changes/changelog.md
View file

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

31 changes: 31 additions & 0 deletions doc/changes/changes_2.0.5.md
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,31 @@
# Virtual Schema for Document Data in Files on Azure Blob Storage 2.0.5, released 2024-06-04

Code name: Security update - fix for CVE-2024-36114

## Summary

Fixed CVE-2024-36114 https://github.com/advisories/GHSA-973x-65j7-xcf4.

## Security

* #56: CVE-2024-36114: io.airlift:aircompressor:jar:0.21:compile

## Dependency Updates

### Compile Dependency Updates

* Updated `com.exasol:virtual-schema-common-document-files:8.0.3` to `8.0.4`

### Test Dependency Updates

* Updated `com.exasol:virtual-schema-common-document-files:8.0.3` to `8.0.4`
* Updated `org.jacoco:org.jacoco.agent:0.8.11` to `0.8.12`

### Plugin Dependency Updates

* Updated `com.exasol:error-code-crawler-maven-plugin:2.0.2` to `2.0.3`
* Updated `com.exasol:project-keeper-maven-plugin:4.3.0` to `4.3.2`
* Updated `org.apache.maven.plugins:maven-enforcer-plugin:3.4.1` to `3.5.0`
* Updated `org.apache.maven.plugins:maven-jar-plugin:3.3.0` to `3.4.1`
* Updated `org.apache.maven.plugins:maven-toolchains-plugin:3.1.0` to `3.2.0`
* Updated `org.sonarsource.scanner.maven:sonar-maven-plugin:3.11.0.3922` to `4.0.0.4121`
4 changes: 2 additions & 2 deletions doc/user_guide/user_guide.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -17,7 +17,7 @@ Next create the Adapter Script:
```sql
CREATE OR REPLACE JAVA ADAPTER SCRIPT ADAPTER.AZURE_BLOB_STORAGE_FILES_ADAPTER AS
%scriptclass com.exasol.adapter.RequestDispatcher;
%jar /buckets/bfsdefault/default/document-files-virtual-schema-dist-8.0.3-azure-blob-storage-2.0.4.jar;
%jar /buckets/bfsdefault/default/document-files-virtual-schema-dist-8.0.4-azure-blob-storage-2.0.5.jar;
/
```

Expand All @@ -30,7 +30,7 @@ CREATE OR REPLACE JAVA SET SCRIPT ADAPTER.IMPORT_FROM_AZURE_BLOB_STORAGE_DOCUMEN
CONNECTION_NAME VARCHAR(500))
EMITS(...) AS
%scriptclass com.exasol.adapter.document.UdfEntryPoint;
%jar /buckets/bfsdefault/default/document-files-virtual-schema-dist-8.0.3-azure-blob-storage-2.0.4.jar;
%jar /buckets/bfsdefault/default/document-files-virtual-schema-dist-8.0.4-azure-blob-storage-2.0.5.jar;
/
```

Expand Down
14 changes: 7 additions & 7 deletions pk_generated_parent.pom
View file

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

8 changes: 4 additions & 4 deletions pom.xml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -2,12 +2,12 @@
<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
<modelVersion>4.0.0</modelVersion>
<artifactId>azure-blob-storage-document-files-virtual-schema</artifactId>
<version>2.0.4</version>
<version>2.0.5</version>
<name>Virtual Schema for document data in files on Azure Blob Storage</name>
<description>Adapter for document data access from files from Azure Blob Storage.</description>
<url>https://github.com/exasol/azure-blob-storage-document-files-virtual-schema/</url>
<properties>
<vs-common-document-files.version>8.0.3</vs-common-document-files.version>
<vs-common-document-files.version>8.0.4</vs-common-document-files.version>
</properties>
<profiles>
<profile>
Expand Down Expand Up @@ -153,7 +153,7 @@
<plugin>
<groupId>com.exasol</groupId>
<artifactId>project-keeper-maven-plugin</artifactId>
<version>4.3.0</version>
<version>4.3.2</version>
<executions>
<execution>
<goals>
Expand Down Expand Up @@ -188,7 +188,7 @@
<parent>
<artifactId>azure-blob-storage-document-files-virtual-schema-generated-parent</artifactId>
<groupId>com.exasol</groupId>
<version>2.0.4</version>
<version>2.0.5</version>
<relativePath>pk_generated_parent.pom</relativePath>
</parent>
</project>
2 changes: 1 addition & 1 deletion src/test/java/com/exasol/adapter/document/files/IntegrationTestSetup.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -26,7 +26,7 @@
import jakarta.json.*;

public class IntegrationTestSetup implements AutoCloseable {
private static final String ADAPTER_JAR = "document-files-virtual-schema-dist-8.0.3-azure-blob-storage-2.0.4.jar";
private static final String ADAPTER_JAR = "document-files-virtual-schema-dist-8.0.4-azure-blob-storage-2.0.5.jar";
private final ExasolTestSetup exasolTestSetup;
private final Connection exasolConnection;
private final Statement exasolStatement;
Expand Down

0 comments on commit 40350a8

Please sign in to comment.