From 324f06b5c03f7b729103bc393f94578bb0757c55 Mon Sep 17 00:00:00 2001 From: "Juan J. Martinez" Date: Fri, 14 Jan 2022 07:27:28 +0000 Subject: Updated dependencies and Mill This fixes a security issue (medium severity) in logback-classic. --- CHANGES.md | 4 ++++ build.sc | 6 +++--- mill | 2 +- 3 files changed, 8 insertions(+), 4 deletions(-) diff --git a/CHANGES.md b/CHANGES.md index ce31585..0951508 100644 --- a/CHANGES.md +++ b/CHANGES.md @@ -1,5 +1,9 @@ # What's new? +## Release 1.3.4 - 2022-01-?? + + - Updated dependencies, this include a fix for CVE-2021-42550 in logback-classic. + ## Release 1.3.2 - 2022-01-02 - Fix: CGI directories are now resolved from more to less specific, independently of their order in the configuration file. This covers cases where for example 'dir' and 'dir/sub' are both CGI enabled. diff --git a/build.sc b/build.sc index 8f0b67d..83a7087 100644 --- a/build.sc +++ b/build.sc @@ -25,11 +25,11 @@ object server extends ScalaModule with ScalafmtModule with BuildInfo { def ivyDeps = Agg( - ivy"ch.qos.logback:logback-classic:1.2.7", + ivy"ch.qos.logback:logback-classic:1.2.10", ivy"com.github.pureconfig::pureconfig:0.17.1", ivy"com.github.scopt::scopt:4.0.1", - ivy"com.typesafe.akka::akka-stream:2.6.17", - ivy"org.bouncycastle:bcprov-jdk15to18:1.69", + ivy"com.typesafe.akka::akka-stream:2.6.18", + ivy"org.bouncycastle:bcprov-jdk15to18:1.70", ivy"org.log4s::log4s:1.10.0" ) diff --git a/mill b/mill index a6207bc..054a823 100755 --- a/mill +++ b/mill @@ -3,7 +3,7 @@ # This is a wrapper script, that automatically download mill from GitHub release pages # You can give the required mill version with MILL_VERSION env variable # If no version is given, it falls back to the value of DEFAULT_MILL_VERSION -DEFAULT_MILL_VERSION=0.9.9 +DEFAULT_MILL_VERSION=0.9.12 set -e -- cgit v1.2.3