diff options
author | Simon Brandhof <simon.brandhof@sonarsource.com> | 2020-06-22 10:44:54 +0200 |
---|---|---|
committer | sonartech <sonartech@sonarsource.com> | 2020-06-22 20:04:33 +0000 |
commit | 29fbfe91f4c432dba3815275f7ab19778dbba5bc (patch) | |
tree | 9c85be9ab6dfd4055790037db7725d2e42013144 /build.gradle | |
parent | f21a11a263d2afe62622ad255fe79165c3ecc424 (diff) | |
download | sonarqube-29fbfe91f4c432dba3815275f7ab19778dbba5bc.tar.gz sonarqube-29fbfe91f4c432dba3815275f7ab19778dbba5bc.zip |
Upgrade Tomcat to 8.5.56
The vulnerability https://cve.mitre.org/cgi-bin/cvename.cgi?name=2020-9484
is not exploitable but it generates a false-positive in SCA reports.
Upgrading kills the noise.
Diffstat (limited to 'build.gradle')
-rw-r--r-- | build.gradle | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/build.gradle b/build.gradle index ed6859c644e..97c3a849c23 100644 --- a/build.gradle +++ b/build.gradle @@ -273,7 +273,7 @@ subprojects { entry 'log4j-to-slf4j' entry 'log4j-core' } - dependencySet(group: 'org.apache.tomcat.embed', version: '8.5.53') { + dependencySet(group: 'org.apache.tomcat.embed', version: '8.5.56') { entry 'tomcat-embed-core' entry('tomcat-embed-jasper') { exclude 'org.eclipse.jdt.core.compiler:ecj' |