[JAVA-5026] Bump snappy-java and zstd-jni to latest Created: 15/Jun/23 Updated: 28/Oct/23 Resolved: 21/Jul/23 |
|
| Status: | Closed |
| Project: | Java Driver |
| Component/s: | Security, Wire Protocol |
| Affects Version/s: | None |
| Fix Version/s: | 4.11.0 |
| Type: | Improvement | Priority: | Unknown |
| Reporter: | Jeffrey Yemin | Assignee: | Unassigned |
| Resolution: | Fixed | Votes: | 0 |
| Labels: | None | ||
| Remaining Estimate: | Not Specified | ||
| Time Spent: | Not Specified | ||
| Original Estimate: | Not Specified | ||
| Issue Links: |
|
||||
| Documentation Changes: | Needed | ||||
| Documentation Changes Summary: | We need to update the documentation to update the snappy-java version. |
||||
| Description |
|
Inspired by https://github.com/johnlpage/POCDriver/pull/59. This fixes a bunch of CVEs reported against snappy-java. Also let's update zstandard dependency. Not sure if we could enable dependabot to do something similar for our repository. |
| Comments |
| Comment by Githook User [ 21/Jul/23 ] |
|
Author: {'name': 'Jeff Yemin', 'email': 'jeff.yemin@mongodb.com', 'username': 'jyemin'}Message: Bump snappy-java and zstd-jni dependencies
|