From 92e77502bf4e23b9cd5955728915e80b34c691be Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?=E7=8E=8B=E9=9C=86=E5=AE=87?=
Date: Thu, 20 Apr 2023 07:23:21 +0000
Subject: [PATCH 1/2] =?UTF-8?q?update=20pom.xml.=EF=BC=8C=E4=BF=AE?=
 =?UTF-8?q?=E5=A4=8DCVE-2022-25845=20The=20package=20com.alibaba:fastjson?=
 =?UTF-8?q?=20before=201.2.83=20are=20vulnerable=20to=20Deserialization=20?=
 =?UTF-8?q?of=20Untrusted=20Data=20by=20bypassing=20the=20default=20autoTy?=
 =?UTF-8?q?pe=20shutdown=20restrictions,=20which=20is=20possible=20under?=
 =?UTF-8?q?=20certain=20conditions.=20Exploiting=20this=20vulnerability=20?=
 =?UTF-8?q?allows=20attacking=20remote=20servers.=20Workaround:=20If=20upg?=
 =?UTF-8?q?rading=20is=20not=20possible,=20you=20can=20enable=20[safeMode]?=
 =?UTF-8?q?(https://github.com/alibaba/fastjson/wiki/fastjson=5Fsafemode).?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Signed-off-by: 王霆宇
---
 pom.xml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/pom.xml b/pom.xml
index c2ffed8..188e184 100644
--- a/pom.xml
+++ b/pom.xml
@@ -116,7 +116,7 @@
 com.alibaba
 fastjson
- 1.2.75
+ 1.2.83
-- Gitee

From d6938e354bab2f251ac1e17316281ab7b9f82fd2 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?=E7=8E=8B=E9=9C=86=E5=AE=87?=
Date: Thu, 20 Apr 2023 07:26:47 +0000
Subject: [PATCH 2/2] =?UTF-8?q?update=20pom.xml.=E4=BF=AE=E5=A4=8DCVE-2023?=
 =?UTF-8?q?-20860=20Spring=20Framework=20running=20version=206.0.0=20-=206?=
 =?UTF-8?q?.0.6=20or=205.3.0=20-=205.3.25=20using=20"**"=20as=20a=20patter?=
 =?UTF-8?q?n=20in=20Spring=20Security=20configuration=20with=20the=20mvcRe?=
 =?UTF-8?q?questMatcher=20creates=20a=20mismatch=20in=20pattern=20matching?=
 =?UTF-8?q?=20between=20Spring=20Security=20and=20Spring=20MVC,=20and=20th?=
 =?UTF-8?q?e=20potential=20for=20a=20security=20bypass.?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Signed-off-by: 王霆宇
---
 pom.xml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/pom.xml b/pom.xml
index 188e184..2b3ed1a 100644
--- a/pom.xml
+++ b/pom.xml
@@ -11,7 +11,7 @@
 org.springframework.boot
 spring-boot-starter-parent
- 2.6.7
+ 5.3.26
-- Gitee
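Review bot: The added value `5.3.26` is a Spring Framework version, but the artifact it is set on is `spring-boot-starter-parent`, which follows Spring Boot's own release numbering, so the parent POM will most likely fail to resolve and the build will break instead of picking up the CVE-2023-20860 fix. The page has lost the XML markup, so this reads the `- 2.6.7` / `+ 5.3.26` pair as the `<version>` of the `<parent>` block. Either move the parent to a Spring Boot release that manages Spring Framework 5.3.26 or later, or keep the Boot version and override the managed framework with `<spring-framework.version>5.3.26</spring-framework.version>` under `<properties>`. Whichever is chosen, confirm with `mvn dependency:tree` that `spring-webmvc` and `spring-core` resolve to 5.3.26 or later, since that check shows whether the fix actually landed.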