From ffca1cadfcd5c0b0d344c47173fc8197e8e0d821 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?=E5=BC=A0=E9=80=B8=E6=89=AC?=
 <33390928+gdut-yy@users.noreply.github.com>
Date: Fri, 21 May 2021 14:41:36 +0800
Subject: [PATCH 1/2] Upgrade xstream-1.4.16 to 1.4.17

Upgrade xstream-1.4.16 to 1.4.17 for CVE-2021-29505.
---
 eureka-client/build.gradle | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/eureka-client/build.gradle b/eureka-client/build.gradle
index 92e55ad07f..1bbbfdf5d9 100644
--- a/eureka-client/build.gradle
+++ b/eureka-client/build.gradle
@@ -7,7 +7,7 @@ configurations.all {
 
 dependencies {
     compile "com.netflix.netflix-commons:netflix-eventbus:0.3.0"
-    compile 'com.thoughtworks.xstream:xstream:1.4.16'
+    compile 'com.thoughtworks.xstream:xstream:1.4.17'
     compile "com.netflix.archaius:archaius-core:${archaiusVersion}"
     compile 'javax.ws.rs:jsr311-api:1.1.1'
     compile "com.netflix.servo:servo-core:${servoVersion}"

From f282a3e1bcd459cd2749419aa55f6f9d18964463 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?=E5=BC=A0=E9=80=B8=E6=89=AC?=
 <33390928+gdut-yy@users.noreply.github.com>
Date: Fri, 21 May 2021 14:42:43 +0800
Subject: [PATCH 2/2] Upgrade xstream-1.4.16 to 1.4.17

Upgrade xstream-1.4.16 to 1.4.17 for CVE-2021-29505.
---
 eureka-core/build.gradle | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/eureka-core/build.gradle b/eureka-core/build.gradle
index ff76b61dc2..8fb3fe1e15 100644
--- a/eureka-core/build.gradle
+++ b/eureka-core/build.gradle
@@ -7,7 +7,7 @@ dependencies {
     compile "com.amazonaws:aws-java-sdk-sts:${awsVersion}"
     compile "com.amazonaws:aws-java-sdk-route53:${awsVersion}"
     compile "javax.servlet:servlet-api:${servletVersion}"
-    compile 'com.thoughtworks.xstream:xstream:1.4.16'
+    compile 'com.thoughtworks.xstream:xstream:1.4.17'
     compile 'javax.ws.rs:jsr311-api:1.1.1'
 
     // These dependencies are marked 'compileOnly' in the client, but we need them always on the server