ݹϢȫϢͨļ֣ⷢͰ˾ԴJavafastjsonڷл©fastjsonڶjavaΪɣ㷺javaӦõķ˴С߿©ʵʩļд롢αȹΪɷȨޱȡϢй©Ӱ졣˴¼Ӱfastjson 1.2.80֮ǰа汾ĿǰͰ˾ѷfastjson°汾1.2.83©ַΪhttps://github.com/alibaba/fastjson/releases/tag/1.2.83 λ߶ӣѸͨԤϽϵͳλʱŲӰȷȫǰ©ϵͳȫϷ繥¼ͬʱǿȫ⣬ӦͻҪѸٴòһʱ䱨档
Signed-off-by: October <githubgit@163.com>
This commit is contained in:
October
parent
82cf4e1775
commit
0e601d9d30
@ -52,6 +52,7 @@
|
||||
<easyexcel.verion>2.2.7</easyexcel.verion>
|
||||
<velocity.version>2.2</velocity.version>
|
||||
<screw.version>1.0.5</screw.version>
|
||||
<fastjson.version>2.0.4</fastjson.version>
|
||||
<guava.version>30.1.1-jre</guava.version>
|
||||
<guice.version>5.1.0</guice.version>
|
||||
<transmittable-thread-local.version>2.12.2</transmittable-thread-local.version>
|
||||
@ -475,6 +476,13 @@
|
||||
<version>${velocity.version}</version>
|
||||
</dependency>
|
||||
|
||||
<!--fastjson漏洞升级此次事件影响fastjson 1.2.80及之前所有版本 -->
|
||||
<dependency>
|
||||
<groupId>com.alibaba</groupId>
|
||||
<artifactId>fastjson</artifactId>
|
||||
<version>${fastjson.version}</version>
|
||||
</dependency>
|
||||
|
||||
<dependency>
|
||||
<groupId>cn.smallbun.screw</groupId>
|
||||
<artifactId>screw-core</artifactId> <!-- 实现数据库文档 -->
|
||||
@ -483,6 +491,10 @@
|
||||
<exclusion>
|
||||
<groupId>org.freemarker</groupId>
|
||||
<artifactId>freemarker</artifactId> <!-- 移除 Freemarker 依赖,采用 Velocity 作为模板引擎 -->
|
||||
</exclusion>
|
||||
<exclusion>
|
||||
<groupId>com.alibaba</groupId>
|
||||
<artifactId>fastjson</artifactId> <!-- 最新版screw-core1.0.5依赖fastjson1.2.73存在漏洞,移除。 -->
|
||||
</exclusion>
|
||||
</exclusions>
|
||||
</dependency>
|
||||
|
||||
Loading…
Reference in New Issue
Block a user