0004966: Upgrade Jetty, BC, Kotlin, okhttp libraries - SymmetricDS

ID	Project	Category	View Status	Date Submitted	Last Update

0004966	SymmetricDS	Bug	public	2021-04-26 13:54	2021-04-28 19:10

Reporter	elong	Assigned To	elong
Priority	normal
Status	closed	Resolution	fixed
Product Version	3.12.0
Target Version	3.12.9	Fixed in Version	3.12.9

Summary	0004966: Upgrade Jetty, BC, Kotlin, okhttp libraries
Description	Upgrade dependent libraries that are coming up on security scans. Jetty has a local privilege escalation. We don't appear to be using any of the vulnerable APIs on the other libraries, but we need to upgrade to avoid the scan notifications.
Tags	security

Date Modified	Username	Field	Change
2021-04-26 13:54	elong	New Issue
2021-04-26 13:54	elong	Status	new => assigned
2021-04-26 13:54	elong	Assigned To	=> elong
2021-04-26 13:54	elong	Tag Attached: security
2021-04-26 13:55	elong	Status	assigned => resolved
2021-04-26 13:55	elong	Resolution	open => fixed
2021-04-26 13:55	elong	Fixed in Version	=> 3.12.9
2021-04-26 14:00	admin	Changeset attached	=> SymmetricDS 3.12 85b85b64
2021-04-28 19:10	admin	Status	resolved => closed

SymmetricDS: 3.12 85b85b64 2021-04-26 13:55:06 admin Details Diff	0004966: Upgrade Jetty, BC, Kotlin, okhttp libraries	Affected Issues 0004966
	mod - symmetric-assemble/common.gradle	Diff File
	mod - symmetric-core/build.gradle	Diff File