Skip to content
This repository was archived by the owner on Oct 10, 2025. It is now read-only.

Commit 3e2e6f2

Browse files
tabdunabitabdunabi
authored
Updates for release v1.0.9
 - Update java runtime libraries to address security vulnerabilities
2 parents 15a116d + 3f6317a commit 3e2e6f2

File tree

4 files changed

+32
-2
lines changed

4 files changed

+32
-2
lines changed

CHANGELOG.md

Lines changed: 6 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -7,6 +7,12 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
77

88
=======
99

10+
## [1.0.9] - 2024-05-16
11+
12+
### Update
13+
14+
- Updated java runtime libraries to patch vulnerabilities
15+
1016
## [1.0.8] - 2024-05-14
1117

1218
### Fixed

source/infrastructure/test/mock-lambda-func/java-lambda/pom.xml

Lines changed: 13 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -36,16 +36,28 @@
3636
<groupId>software.amazon.awssdk</groupId>
3737
<artifactId>dynamodb</artifactId>
3838
</dependency>
39+
<dependency>
40+
<groupId>com.amazonaws</groupId>
41+
<artifactId>aws-java-sdk-xray</artifactId>
42+
<version>1.12.722</version>
43+
</dependency>
3944
<dependency>
4045
<groupId>software.amazon.lambda</groupId>
4146
<artifactId>powertools-tracing</artifactId>
4247
<version>1.18.0</version>
48+
<exclusions>
49+
<!-- upgrading to new version of x-ray sdk to address ion-java CVE -->
50+
<exclusion>
51+
<groupId>com.amazonaws</groupId>
52+
<artifactId>aws-java-sdk-xray</artifactId>
53+
</exclusion>
54+
</exclusions>
4355
</dependency>
4456
<dependency>
4557
<groupId>software.amazon.lambda</groupId>
4658
<artifactId>powertools-metrics</artifactId>
4759
<version>1.18.0</version>
48-
</dependency>
60+
</dependency>
4961
<dependency>
5062
<groupId>com.amazonaws</groupId>
5163
<artifactId>aws-lambda-java-core</artifactId>

source/lambda/layers/custom-java-sdk-config/pom.xml

Lines changed: 12 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -38,10 +38,22 @@
3838
</dependencies>
3939
</dependencyManagement>
4040
<dependencies>
41+
<dependency>
42+
<groupId>com.amazonaws</groupId>
43+
<artifactId>aws-java-sdk-xray</artifactId>
44+
<version>1.12.722</version>
45+
</dependency>
4146
<dependency>
4247
<groupId>software.amazon.lambda</groupId>
4348
<artifactId>powertools-tracing</artifactId>
4449
<version>1.18.0</version>
50+
<exclusions>
51+
<!-- upgrading to new version of x-ray sdk to address ion-java CVE -->
52+
<exclusion>
53+
<groupId>com.amazonaws</groupId>
54+
<artifactId>aws-java-sdk-xray</artifactId>
55+
</exclusion>
56+
</exclusions>
4557
</dependency>
4658
<dependency>
4759
<groupId>software.amazon.lambda</groupId>

source/ui/public/index.html

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -11,7 +11,7 @@
1111
<link rel="icon" href="%PUBLIC_URL%/favicon.png" />
1212
<meta name="viewport" content="width=device-width, initial-scale=1" />
1313
<meta name="theme-color" content="#000000" />
14-
<meta http-equiv="Content-Security-Policy" content="default-src 'self'; base-uri 'none'; upgrade-insecure-requests; img-src 'self' data: http://*.cloudfront.net https://*.amazonaws.com; script-src 'self' http://*.cloudfront.net https://*.amazonaws.com;
14+
<meta http-equiv="Content-Security-Policy" content="default-src 'self'; base-uri 'none'; upgrade-insecure-requests; img-src 'self' data: https://*.cloudfront.net https://*.amazonaws.com; script-src 'self' https://*.cloudfront.net https://*.amazonaws.com;
1515
style-src 'self' https://*.amazonaws.com; object-src 'none'; font-src 'self' https: data:;
1616
manifest-src 'self'; connect-src 'self' https://*.amazonaws.com" />
1717
<title>Enhanced Document Understanding on AWS</title>

0 commit comments

Comments
 (0)