Skip to content

Commit

Permalink
Update to version v1.0.9
Browse files Browse the repository at this point in the history 
- Update java runtime libraries to address security vulnerabilities
  • Loading branch information
@tabdunabi
tabdunabi authored May 16, 2024
2 parents ba62545 + 3e2e6f2 commit 856ca66
Show file tree
Hide file tree
Showing 4 changed files with 32 additions and 2 deletions.
6 changes: 6 additions & 0 deletions CHANGELOG.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -7,6 +7,12 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0

=======

## [1.0.9] - 2024-05-16

### Update

- Updated java runtime libraries to patch vulnerabilities

## [1.0.8] - 2024-05-14

### Fixed
Expand Down
14 changes: 13 additions & 1 deletion source/infrastructure/test/mock-lambda-func/java-lambda/pom.xml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -36,16 +36,28 @@
<groupId>software.amazon.awssdk</groupId>
<artifactId>dynamodb</artifactId>
</dependency>
<dependency>
<groupId>com.amazonaws</groupId>
<artifactId>aws-java-sdk-xray</artifactId>
<version>1.12.722</version>
</dependency>
<dependency>
<groupId>software.amazon.lambda</groupId>
<artifactId>powertools-tracing</artifactId>
<version>1.18.0</version>
<exclusions>
<!-- upgrading to new version of x-ray sdk to address ion-java CVE -->
<exclusion>
<groupId>com.amazonaws</groupId>
<artifactId>aws-java-sdk-xray</artifactId>
</exclusion>
</exclusions>
</dependency>
<dependency>
<groupId>software.amazon.lambda</groupId>
<artifactId>powertools-metrics</artifactId>
<version>1.18.0</version>
</dependency>
</dependency>
<dependency>
<groupId>com.amazonaws</groupId>
<artifactId>aws-lambda-java-core</artifactId>
Expand Down
12 changes: 12 additions & 0 deletions source/lambda/layers/custom-java-sdk-config/pom.xml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -38,10 +38,22 @@
</dependencies>
</dependencyManagement>
<dependencies>
<dependency>
<groupId>com.amazonaws</groupId>
<artifactId>aws-java-sdk-xray</artifactId>
<version>1.12.722</version>
</dependency>
<dependency>
<groupId>software.amazon.lambda</groupId>
<artifactId>powertools-tracing</artifactId>
<version>1.18.0</version>
<exclusions>
<!-- upgrading to new version of x-ray sdk to address ion-java CVE -->
<exclusion>
<groupId>com.amazonaws</groupId>
<artifactId>aws-java-sdk-xray</artifactId>
</exclusion>
</exclusions>
</dependency>
<dependency>
<groupId>software.amazon.lambda</groupId>
Expand Down
2 changes: 1 addition & 1 deletion source/ui/public/index.html
View file
Original file line number Diff line number Diff line change
Expand Up @@ -11,7 +11,7 @@
<link rel="icon" href="%PUBLIC_URL%/favicon.png" />
<meta name="viewport" content="width=device-width, initial-scale=1" />
<meta name="theme-color" content="#000000" />
<meta http-equiv="Content-Security-Policy" content="default-src 'self'; base-uri 'none'; upgrade-insecure-requests; img-src 'self' data: http://*.cloudfront.net https://*.amazonaws.com; script-src 'self' http://*.cloudfront.net https://*.amazonaws.com;
<meta http-equiv="Content-Security-Policy" content="default-src 'self'; base-uri 'none'; upgrade-insecure-requests; img-src 'self' data: https://*.cloudfront.net https://*.amazonaws.com; script-src 'self' https://*.cloudfront.net https://*.amazonaws.com;
style-src 'self' https://*.amazonaws.com; object-src 'none'; font-src 'self' https: data:;
manifest-src 'self'; connect-src 'self' https://*.amazonaws.com" />
<title>Enhanced Document Understanding on AWS</title>
Expand Down

0 comments on commit 856ca66

Please sign in to comment.