Move dependencies to dependency section from management section & bump versions to fix vulnerabilities #182

ganesh-ctds · 2025-06-03T03:28:31Z

Update activemq-client from 5.16.7 to 5.16.8 to fix CVE-2025-27533
Fix for commons configration exclusion in parent that was being overriden by child exclusion
Add netty to dependency section to fix vulnerability.
Add snakeyaml to dependency section to fix vulnerability.
Add protobuf,asynchttpclient,aircompressor dependencies in pulsar-jms module to make dependency tree use latest versions.
Jira Link: STREAM-652

…p versions to fix vulnerabilities

sandeep-ctds

@ganesh-ctds Please also verify Pulsar-JMS-Filters module. If it's pom also requires some dependencies declared.

otherwise LGTM

Move dependencies to dependency section from management section & bum…

022f888

…p versions to fix vulnerabilities

ganesh-ctds requested a review from sandeep-ctds June 3, 2025 03:28

ganesh-ctds self-assigned this Jun 3, 2025

ganesh-ctds mentioned this pull request Jun 3, 2025

Update activemq-client from 5.16.7 to 5.16.8 to fix CVE-2025-27533 #181

Closed

sandeep-ctds approved these changes Jun 3, 2025

View reviewed changes

sandeep-ctds merged commit a12881a into branch-6.0 Jun 6, 2025
3 of 4 checks passed

sandeep-ctds deleted the STREAM-652-fixes branch June 6, 2025 11:52

Provide feedback