From 25d962b591bfd12f9dcd3d8cc13a667657e88a58 Mon Sep 17 00:00:00 2001 From: "Glen K. Peterson" Date: Fri, 17 Sep 2021 18:08:22 -0400 Subject: [PATCH] Bumped Junit dependency to fix CVE-2020-15250 Junit >= 4.7 and < 4.13.1 is vulnerable to https://nvd.nist.gov/vuln/detail/CVE-2020-15250 Sorry, I didn't build or test this change. --- libraries/kotlin.test/junit/build.gradle | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/libraries/kotlin.test/junit/build.gradle b/libraries/kotlin.test/junit/build.gradle index 92eb3c5c119..76d00f39d1e 100644 --- a/libraries/kotlin.test/junit/build.gradle +++ b/libraries/kotlin.test/junit/build.gradle @@ -15,7 +15,7 @@ sourceSets { dependencies { expectedBy project(':kotlin-test:kotlin-test-annotations-common') api project(':kotlin-test:kotlin-test-jvm') - api('junit:junit:4.12') + api('junit:junit:4.13.2') }