Up SnakeYAML to 1.33 and OWASP dep check to 7.2.1

Fixes CVE-2022-38752 (that was not applicable to our use case, BTW)
jkoenig-lithic · Oct 14, 2022 · cba2fc6 · cba2fc6
1 parent b9d22db
commit cba2fc6
Show file tree

Hide file tree

Showing 2 changed files with 2 additions and 2 deletions.
diff --git a/jpos/build.gradle b/jpos/build.gradle
@@ -4,7 +4,7 @@ buildscript {
     }
     dependencies {
         classpath 'biz.aQute.bnd:biz.aQute.bnd.gradle:5.3.0'
-        classpath 'org.owasp:dependency-check-gradle:6.1.5'
+        classpath 'org.owasp:dependency-check-gradle:7.2.1'
     }
 }
 apply plugin: 'biz.aQute.bnd.builder'

diff --git a/jpos/libraries.gradle b/jpos/libraries.gradle
@@ -25,7 +25,7 @@ ext {
         slf4j_api: "org.slf4j:slf4j-api:1.7.32",
         slf4j_nop: "org.slf4j:slf4j-nop:1.7.32",
         hdrhistogram: 'org.hdrhistogram:HdrHistogram:2.1.12',
-        yaml: "org.yaml:snakeyaml:1.28"
+        yaml: "org.yaml:snakeyaml:1.33"
     ]
 }