Merge pull request #3021 from gchq/dependabot/maven/java/avro.version…

…-1.12.0 Bump avro.version from 1.11.3 to 1.12.0 in /java
gchq · Aug 6, 2024 · b793c3a · b793c3a
2 parents 319d448 + 2ae7355
commit b793c3a
Show file tree

Hide file tree

Showing 2 changed files with 2 additions and 2 deletions.
diff --git a/code-style/dependency-check-suppressions.xml b/code-style/dependency-check-suppressions.xml
@@ -134,7 +134,7 @@
         We don't expose that page, so it won't be a problem.
         This is a provided dependency for the module bulk-import/bulk-import-runner.
         ]]></notes>
-        <filePath regex="true">^.*/avro-ipc-1\.11\.3\.jar/.*/jquery-.*\.js$</filePath>
+        <filePath regex="true">^.*/avro-ipc-1\.12\.0\.jar/.*/jquery-.*\.js$</filePath>
         <vulnerabilityName regex="true">.*</vulnerabilityName>
     </suppress>
     <suppress>

diff --git a/java/pom.xml b/java/pom.xml
@@ -90,7 +90,7 @@
         <!-- Hadoop declares an old version of Nimbus with vulnerabilities. Managed from 9.8.1. -->
         <nimbus-jose-jwt.version>9.40</nimbus-jose-jwt.version>
         <!-- Hadoop declares an old version of Avro with vulnerabilities. Managed from 1.7.7. -->
-        <avro.version>1.11.3</avro.version>
+        <avro.version>1.12.0</avro.version>
         <!-- Hadoop declares an old version of json-smart with vulnerabilities. Managed from 2.4.7. -->
         <json-smart.version>2.5.1</json-smart.version>
         <!-- Hadoop declares an old version of Kerby with vulnerabilities. Managed from 1.0.1. -->