From 89762399cb9be6c5c68f2dba8699913756e6fa89 Mon Sep 17 00:00:00 2001
From: Mikhail
Date: Thu, 29 Aug 2024 11:40:46 +0100
Subject: [PATCH] Update libs.versions.toml

Fix CVE-2022-25647 The package com.google.code.gson:gson before 2.8.9 is vulnerable to Deserialization of Untrusted Data via the writeReplace() method in internal classes, which may lead to denial of service attacks. Bump up version of the gson package. https://github.com/advisories/GHSA-4jrv-ppp4-jm57
---
 kotlin/gradle/libs.versions.toml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/kotlin/gradle/libs.versions.toml b/kotlin/gradle/libs.versions.toml
index 71783e9ca34..35f032c6c4f 100644
--- a/kotlin/gradle/libs.versions.toml
+++ b/kotlin/gradle/libs.versions.toml
@@ -6,7 +6,7 @@ plugin-kotlin = "1.6.10"
 plugin-gver = "0.42.0"
 kotlinx-benchmark = "0.4.8"
 junit = "4.12"
-gson = "2.8.5"
+gson = "2.8.9"
 moshi-kotlin = "1.11.0"
 
 [libraries]