Skip to content

Update dependency org.apache.httpcomponents.client5:httpclient5 to v5.4.3 [SECURITY] #140

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 1 commit into from
May 15, 2025
Merged

Update dependency org.apache.httpcomponents.client5:httpclient5 to v5.4.3 [SECURITY] #140

merged 1 commit into from
May 15, 2025

Conversation

@xdev-renovate
Copy link
Member

@xdev-renovate xdev-renovate commented Apr 25, 2025

This PR contains the following updates:

Package Type Update Change
org.apache.httpcomponents.client5:httpclient5 compile patch 5.4.1 -> 5.4.3

GitHub Vulnerability Alerts

CVE-2025-27820

A bug in PSL validation logic in Apache HttpClient 5.4.x disables domain checks, affecting cookie management and host name verification. Discovered by the Apache HttpClient team. Fixed in the 5.4.3 release.

Configuration

📅 Schedule: Branch creation - "" (UTC), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

  • If you want to rebase/retry this PR, check this box

This PR has been generated by Renovate Bot.

AB-xdev added a commit that referenced this pull request May 15, 2025
@AB-xdev
Merge pull request #140 from xdev-software/renovate/com.puppycrawl.to…
c6cda5b 
…ols-checkstyle-10.x

Update dependency com.puppycrawl.tools:checkstyle to v10.21.4
@xdev-renovate xdev-renovate force-pushed the renovate/maven-org.apache.httpcomponents.client5-httpclient5-vulnerability branch from b756942 to 63b6250 Compare May 15, 2025 12:40
@xdev-renovate xdev-renovate force-pushed the renovate/maven-org.apache.httpcomponents.client5-httpclient5-vulnerability branch from 63b6250 to 228de26 Compare May 15, 2025 12:42
@AB-xdev AB-xdev merged commit 0155450 into develop May 15, 2025
6 checks passed
@AB-xdev AB-xdev deleted the renovate/maven-org.apache.httpcomponents.client5-httpclient5-vulnerability branch May 15, 2025 12:50
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@xdev-renovate @AB-xdev