From b79d941bd1e74b2e2d57430c480e3b8d706277d7 Mon Sep 17 00:00:00 2001
From: Julian Ladisch <julianladisch@users.noreply.github.com>
Date: Sat, 27 Jan 2024 23:48:41 +0100
Subject: [PATCH] EDGCOMMON-74: aws-java-sdk-ssm 1.12.645 removing ion-java
 1.0.2

https://issues.folio.org/browse/EDGCOMMON-74

Upgrade aws-java-sdk-ssm from 1.12.562 to 1.12.645.
This removes the dependency and usage of software.amazon.ion:ion-java@1.0.2
that has an Allocation of Resources Without Limits or Throttling vulnerability:

https://nvd.nist.gov/vuln/detail/CVE-2024-21634
https://github.com/aws/aws-sdk-java/issues/3077#issuecomment-1896650670
---
 pom.xml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/pom.xml b/pom.xml
index 0553ccc..1e76bb0 100644
--- a/pom.xml
+++ b/pom.xml
@@ -139,7 +139,7 @@
     <dependency>
       <groupId>com.amazonaws</groupId>
       <artifactId>aws-java-sdk-ssm</artifactId>
-      <version>1.12.562</version>
+      <version>1.12.645</version>
     </dependency>
     <dependency>
       <groupId>org.apache.httpcomponents</groupId>