Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Update dependency org.quartz-scheduler:quartz-jobs to v2.4.0-rc2 #450

Open
wants to merge 1 commit into
base: master
Choose a base branch
from

Conversation

mend-for-github-com[bot]
Copy link

@mend-for-github-com mend-for-github-com bot commented Sep 14, 2023

This PR contains the following updates:

Package Type Update Change
org.quartz-scheduler:quartz-jobs (source) compile minor 2.2.3 -> 2.4.0-rc2

By merging this PR, the below issues will be automatically resolved and closed:

Severity CVSS Score CVE GitHub Issue
Critical 9.8 CVE-2023-39017 #443

Release Notes

quartz-scheduler/quartz (org.quartz-scheduler:quartz-jobs)

v2.4.0-rc2

Compare Source

v2.4.0-rc1

Compare Source

v2.3.2: Quartz 2.3.2

Compare Source

This a bug fix release containing fixes for:

  • #​508 : Error with H2 1.4.200
  • #​505 : CronTrigger.getTriggerBuilder() changes misfire instruction from "ignore misfire" to "smart"
  • #​491 : StdJDBCDelegate.selectTriggerToAcquire may not respect maxCount
  • #​490 : Return at most maxCount triggers
  • #​482 : Update C3P0 version to 0.9.5.4 (CVE-2019-5427)
  • #​474 : StdSchedulerFactory ConcurrentModificationException reading system properties
  • #​467 : Security: XXE in initDocumentParser

  • If you want to rebase/retry this PR, check this box

@mend-for-github-com mend-for-github-com bot added the security fix Security fix generated by WhiteSource label Sep 14, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
security fix Security fix generated by WhiteSource
Projects
None yet
Development

Successfully merging this pull request may close these issues.

0 participants