Merge pull request #30 from DataDog/olivierg/fix-gson-cve

Fix a CVE in GSON
DataDog · Jun 7, 2022 · 3452e59 · 3452e59
2 parents e92a0ad + 40e4430
commit 3452e59
Show file tree

Hide file tree

Showing 2 changed files with 7 additions and 2 deletions.
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -1,6 +1,11 @@
 Changelog
 =========
 
+# 1.1.1 / 2022-06-07
+
+### Changes
+* Fix CVE-2022-25647 by upgrading the version of `com.google.code.gson` to `2.8.9`.
+
 # 1.1.0 / 2022-01-17
 
 ### Changes

diff --git a/pom.xml b/pom.xml
@@ -11,7 +11,7 @@
         <url>https://www.datadoghq.com/</url>
     </organization>
     <name>datadog-kafka-connect-logs</name>
-    <version>1.1.0</version>
+    <version>1.1.1</version>
     <description>A Kafka Connect Connector that sends Kafka Connect records as logs to the Datadog API.</description>
     <url>https://github.com/DataDog/datadog-kafka-connect-logs</url>
 
@@ -47,7 +47,7 @@
         <jetty.version>9.4.41.v20210516</jetty.version>
         <junit.version>4.13.1</junit.version>
         <java.version>1.8</java.version>
-        <gson.version>2.8.6</gson.version>
+        <gson.version>2.8.9</gson.version>
         <slf4j.version>1.7.32</slf4j.version>
 
         <kafka-connect-maven-plugin.version>0.11.3</kafka-connect-maven-plugin.version>