mirror of
https://github.com/Alfresco/alfresco-transform-core.git
synced 2025-06-30 18:14:51 +00:00
PRODSEC-10088 Fix CVE Vulnerability CVE-2025-31672 in poi-ooxml-5.2.5.jar (#1085)
This commit is contained in:
Gerard Olenski
GitHub
parent
28c1e809d4
commit
da4e87d97f
10
pom.xml
10
pom.xml
@ -26,11 +26,10 @@
|
||||
<env.project_version>${project.version}</env.project_version>
|
||||
<dependency.jackson.version>2.18.2</dependency.jackson.version>
|
||||
<dependency.tika.version>2.9.2</dependency.tika.version>
|
||||
<dependency.poi.version>5.2.5</dependency.poi.version>
|
||||
<dependency.poi.version>5.4.1</dependency.poi.version>
|
||||
<dependency.commons-io.version>2.19.0</dependency.commons-io.version>
|
||||
<dependency.imaging.version>1.0.0-alpha5</dependency.imaging.version>
|
||||
<dependency.snakeyaml.version>2.3</dependency.snakeyaml.version>
|
||||
<!-- The override can be removed when logback version in spring-boot-starter-parent is updated and free of vulnerabilities -->
|
||||
<logback.version>1.5.16</logback.version>
|
||||
<!--The override can be removed when transitive (from tika) bouncycastle dependency is free of vulnerabilities-->
|
||||
<dependency.bouncycastle.version.override>1.79</dependency.bouncycastle.version.override>
|
||||
|
||||
@ -137,6 +136,11 @@
|
||||
|
||||
<dependencyManagement>
|
||||
<dependencies>
|
||||
<dependency>
|
||||
<groupId>commons-io</groupId>
|
||||
<artifactId>commons-io</artifactId>
|
||||
<version>${dependency.commons-io.version}</version>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>org.bouncycastle</groupId>
|
||||
<artifactId>bcmail-jdk18on</artifactId>
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user