Skip to content
Snippets Groups Projects
Commit 03458290 authored by Cyril Dangerville's avatar Cyril Dangerville
Browse files

Merge branch 'release/3.0.5'

parents 188c22e1 f2ae1149
No related branches found
Tags release-3.0.5
No related merge requests found
......@@ -2,6 +2,16 @@
All notable changes to this project are documented in this file following the [Keep a CHANGELOG](http://keepachangelog.com) conventions. This project adheres to [Semantic Versioning](http://semver.org).
## 3.0.5
### Fixed
- CVEs by upgrading:
- Parent project (authzforce-ce-parent): 8.5.0
- Maven dependencies:
- authzforce-ce-xacml-model: 8.5.0
- com.github.everit-org.json-schema/org.everit.json.schema -> com.github.erosb/everit-json-schema: 1.14.2
- Spring Core: 5.3.29
- `authzforce-ce-xacml-model` dependency: missing `XacmlAttributeId` enum value for standard XACML 3.0 Core attribute `urn:oasis:names:tc:xacml:2.0:resource:target-namespace` (used for `<Content>` processing) has been added
## 3.0.4
### Fixed
- CVE-2021-22696 and CVE-2021-3046 fixed by upgrading **authzforce-ce-parent to v8.0.3**
......
<?xml version="1.0" encoding="UTF-8"?>
<suppressions
xmlns="https://jeremylong.github.io/DependencyCheck/dependency-suppression.1.1.xsd">
xmlns="https://jeremylong.github.io/DependencyCheck/dependency-suppression.1.3.xsd">
<suppress>
<notes><![CDATA[
FP per issue https://github.com/jeremylong/DependencyCheck/issues/5545
]]></notes>
<packageUrl regex="true">^pkg:maven/org\.json/json@.*$</packageUrl>
<vulnerabilityName>CVE-2022-45688</vulnerabilityName>
</suppress>
</suppressions>
\ No newline at end of file
......@@ -3,11 +3,11 @@
<parent>
<groupId>org.ow2.authzforce</groupId>
<artifactId>authzforce-ce-parent</artifactId>
<version>8.0.3</version>
<version>8.5.0</version>
</parent>
<artifactId>authzforce-ce-xacml-json-model</artifactId>
<packaging>jar</packaging>
<version>3.0.4</version>
<version>3.0.5</version>
<name>${project.groupId}:${project.artifactId}</name>
<description>AuthzForce - Data model for JSON Profile of XACML 3.0</description>
<url>${project.url}</url>
......@@ -32,8 +32,8 @@
<artifactId>spring-core</artifactId>
</dependency>
<dependency>
<groupId>com.github.everit-org.json-schema</groupId>
<artifactId>org.everit.json.schema</artifactId>
<groupId>com.github.erosb</groupId>
<artifactId>everit-json-schema</artifactId>
</dependency>
<dependency>
<groupId>org.testng</groupId>
......@@ -147,12 +147,13 @@
<dependency>
<groupId>net.sf.saxon</groupId>
<artifactId>Saxon-HE</artifactId>
<!-- Must match the version in ivy.xml -->
<version>9.8.0-15</version>
</dependency>
<dependency>
<groupId>org.apache.ivy</groupId>
<artifactId>ivy</artifactId>
<version>2.4.0</version>
<version>2.5.1</version>
</dependency>
<dependency>
<groupId>ant-contrib</groupId>
......@@ -214,7 +215,7 @@
<!-- Using multiple test suites simplifies debugging and prevent some TestNG issues happening when reusing same class/methods over multiple tests in same test suite -->
<!-- <suiteXmlFile>src/test/suite.xml</suiteXmlFile> -->
<!-- </suiteXmlFiles> -->
<skipAfterFailureCount>1</skipAfterFailureCount>
<skipAfterFailureCount>0</skipAfterFailureCount>
<!-- redirectTestOutputToFile: set this to 'true' to redirect the unit test standard output to a file (found in reportsDirectory/testName-output.txt) -->
<redirectTestOutputToFile>false</redirectTestOutputToFile>
<systemPropertyVariables>
......
/*
* Copyright 2012-2021 THALES.
* Copyright 2012-2023 THALES.
*
* This file is part of AuthzForce CE.
*
......
/*
* Copyright 2012-2021 THALES.
* Copyright 2012-2023 THALES.
*
* This file is part of AuthzForce CE.
*
......
/*
* Copyright 2012-2021 THALES.
* Copyright 2012-2023 THALES.
*
* This file is part of AuthzForce CE.
*
......
/*
* Copyright 2012-2021 THALES.
* Copyright 2012-2023 THALES.
*
* This file is part of AuthzForce CE.
*
......@@ -18,7 +18,6 @@
package org.ow2.authzforce.xacml.json.model.test;
import java.io.*;
import java.net.URISyntaxException;
import java.nio.charset.StandardCharsets;
import java.nio.file.Files;
import java.util.AbstractMap;
......
/*
* Copyright 2012-2021 THALES.
* Copyright 2012-2023 THALES.
*
* This file is part of AuthzForce CE.
*
......
/*
* Copyright 2012-2021 THALES.
* Copyright 2012-2023 THALES.
*
* This file is part of AuthzForce CE.
*
......@@ -33,7 +33,6 @@ import org.testng.annotations.Test;
import javax.xml.bind.JAXBException;
import java.io.BufferedReader;
import java.io.File;
import java.io.FileNotFoundException;
import java.io.IOException;
import java.nio.charset.StandardCharsets;
import java.nio.file.Files;
......
0% Loading or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment