Fix JSON vulnerability CVE-2023-5072

luposlip · Oct 23, 2023 · 3ee9585 · 3ee9585
1 parent 3e35e80
commit 3ee9585
Show file tree

Hide file tree

Showing 3 changed files with 11 additions and 6 deletions.
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -2,11 +2,17 @@
 
 All notable changes to this project will be documented in this file. This change log follows the conventions of [keepachangelog.com](http://keepachangelog.com/).
 
+## 0.4.2 - 2023-10-23
+
+### Fixed
+
+- Force update to `org.json/json` to version `20231013`, resolves CVE-2023-5072
+
 ## 0.4.1 - 2023-03-02
 
 ### Fixed
 
-- Force update to `org.json/json` version `20230227`, resolves CVE-2022-45688
+- Force update to `org.json/json` to version `20230227`, resolves CVE-2022-45688
 
 ## 0.4.0 - 2022-10-03
 

diff --git a/README.md b/README.md
@@ -3,7 +3,7 @@
 # Clojure JSON Schema Validator & Generator
 
 ```clojure
-[luposlip/json-schema "0.4.1"]
+[luposlip/json-schema "0.4.2"]
 ```
 
 A Clojure library for:

diff --git a/project.clj b/project.clj
@@ -1,12 +1,11 @@
-(defproject luposlip/json-schema "0.4.1"
+(defproject luposlip/json-schema "0.4.2"
   :description "Clojure library for JSON Schema validation and generation - Draft-07 compatible"
   :url "https://github.com/luposlip/json-schema"
   :license {:name "Apache License, Version 2.0"
             :url "https://www.apache.org/licenses/LICENSE-2.0"}
   :dependencies [[org.clojure/clojure "1.11.1"]
-                 [cheshire "5.11.0"]
-                 [org.json/json "20230227"]
-                 [com.github.erosb/everit-json-schema "1.14.1" :exclusions [org.json/json]]]
+                 [cheshire "5.12.0"]
+                 [com.github.erosb/everit-json-schema "1.14.3"]]
   :global-vars {*warn-on-reflection* true}
   :repl-options {:init-ns json-schema.core}
   :profiles {:dev {:resource-paths ["test/resources"]}})