Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Bump org.simplejavamail:simple-java-mail from 8.5.1 to 8.10.1 #327

Open
wants to merge 1 commit into
base: main
Choose a base branch
from
Open

Bump org.simplejavamail:simple-java-mail from 8.5.1 to 8.10.1 #327

wants to merge 1 commit into from

Conversation

dependabot[bot]
Copy link

@dependabot dependabot bot commented on behalf of github May 6, 2024

Bumps org.simplejavamail:simple-java-mail from 8.5.1 to 8.10.1.

Release notes

Sourced from org.simplejavamail:simple-java-mail's releases.

v8.10.1 batch-module dependency fix

#510: Update upstream dependency generic-object-pool, which solves a critical bug when there are exceptions during allocation

v8.10.0 EmailConverter update

#508: [enhancement+bug] Make EmailConverter API more consistent regarding Session parameter, don't use Session.getDefaultInstance anymore and fix bug where emlToEmailBuilder used emlToMimeMessage

v8.9.0 - Security update

#507: [security] Update 3rd party dependencies to get rid of all currently known CVE issues

Changes:

Dependencies:

  • Spring 5.3.27 -> 5.3.34
  • Spring Boot 2.5.15 -> 2.7.18
  • commons-io 2.7 -> 2.11.0
  • utils-mail-smime 2.3.1 -> 2.3.3
    • org.bouncycastle:bcjmail-jdk15to18 1.75 -> org.bouncycastle:bcjmail-jdk18on 1.78.1
  • ical4j 2.2.4 -> ical4j-vcard 2.0.0-beta2

Other:

  • Junit 4 -> Junit 5 (including Mockito, AssertJ and got rid of Powermock)
  • maven-surefire-plugin 2.19.1 -> 3.2.5

v8.8.4 CVE smime-module (bouncycastle)

#506: [CVE] Upgrade utils-mail-smime dependency to 2.3.2, to resolve CVE issue in bouncycastle

v8.8.3

#502: [Bug] Message headers not treated with case insensitivity as per RFC, causing deviating headers to slip through the filters

v8.8.2

  • #495: Add config support for 'verifyingServerIdentity' with SMTP, also: since Angus 1.1.0 (8.6.0) server identity checks are on by default and can be countered by mailerBuilder.verifyingServerIdentity(false)
  • #501: [dependency] Update outlook-message-parser dependency, which has improved support for X500 addresses
  • #499 (fix): [maintenance] Added missing finer-grained DKIM Spring Boot properties

v8.8.1

#500: [bug] Fix parsing addresses from headers in EML files, like a Disposition-Notification-To with umlaut

v8.8.0 Enhanced DKIM API

  • #499: [Enhancement] Expose finer-grained DKIM configuration through the builder api and disable 'l-param' by default)

NOTE: this release changes the default for DKIM signing from 'l-param' true to false. If you rely on this feature, you need to enable it explicitly. Refer to the DKIM documentation for the update.

v8.7.1 Enhanced S/Mime API

  • v8.7.1 (20-March-2024): #498: [feature] Make S/MIME algorithms configurable (signature algorithm for signing, key encapsulation and cipher algorithms for encryption)
  • v8.7.1 (20-March-2024): #497: [bug] Order of attachments is lost when converting a MimeMessage to an Email

NOTE: this breaks the API for S/MIME related builder methods. Refer to the S/MIME documentation for the new API.

8.7.0: Ignore this version

Don't use this version, as the versioning was messed up here. Refer to 8.7.1 instead.

... (truncated)

Changelog

Sourced from org.simplejavamail:simple-java-mail's changelog.

https://www.simplejavamail.org

v8.10.0 - v8.10.1

  • v8.10.1 (04-May-2024): #510: Update upstream dependency generic-object-pool, which solves a critical bug when there are exceptions during allocation
  • v8.10.0 (30-April-2024): #508: [enhancement+bug] Make EmailConverter API more consistent regarding Session parameter, don't use Session.getDefaultInstance anymore and fix bug where emlToEmailBuilder used emlToMimeMessage

v8.10.0 (30-April-2024)

  • #508: [enhancement+bug] Make EmailConverter API more consistent regarding Session parameter, don't use Session.getDefaultInstance anymore and fix bug where emlToEmailBuilder used emlToMimeMessage

v8.9.0 (26-April-2024)

  • #507: [security] Update 3rd party dependencies to get rid of all currently known CVE issues (see issue for details)

v8.8.0 - v8.8.4

  • v8.8.4 (23-April-2024): #506: Upgrade utils-mail-smime dependency to 2.3.2, to resolve CVE issue in bouncycastle
  • v8.8.3 (13-April-2024): #502: [Bug] Message headers not treated with case insensitivity as per RFC, causing deviating headers to slip through the filters
  • v8.8.2 (05-April-2024): #495: Add config support for 'verifyingServerIdentity' with SMTP, also: since Angus 1.1.0 server identity checks are on by default and can be countered by mailerBuilder.verifyingServerIdentity(false)
  • v8.8.2 (05-April-2024): #501: [dependency] Update outlook-message-parser dependency, which has improved support for X500 addresses
  • v8.8.1 (04-April-2024): #500: [bug] Fix parsing addresses from headers in EML files, like a Disposition-Notification-To with umlaut
  • v8.8.0 (22-March-2024): #499: [Enhancement] Expose finer-grained DKIM configuration through the builder api and disable 'l-param' by default)

NOTE: this release changes the default for DKIM signing from 'l-param' true to false. If you rely on this feature, you need to enable it explicitly (see the updated https://www.simplejavamail.org/security.html#section-sending-dkim).

v8.7.0 - v8.7.1

  • v8.7.1 (20-March-2024): #498: [Enhancement] Make S/MIME algorithms configurable (signature algorithm for signing, key encapsulation and cipher algorithms for encryption)
  • v8.7.1 (20-March-2024): #497: [Bug] Order of attachments is lost when converting a MimeMessage to an Email
  • v8.7.0 (20-March-2024): don't use this version: versioning messed up

NOTE: this breaks the API for S/MIME related builder methods. Refer to the S/MIME documentation for the new API.

v8.6.0 - v8.6.3

  • v8.6.3 (13-February-2024): #491: [bug] Attachment body parts should separately parse Content-Disposition and ContentID, possible resulting in an downloadable attachment that is also embedded
  • v8.6.2 (27-January-2024): #493: [bug] don't require smime-module when adding collection of headers (also used when copying email)
  • v8.6.1 (18-January-2024): #487: Move header filtering from MimeMessageParser to EmailConverter, thereby enabling access to all parsed headers when using MimeMessageParser directly

... (truncated)

Commits
  • a0e17c0 released 8.10.1 [skip ci]
  • a96280b Preparing release 8.10.1
  • d9d274f Merge branch 'refs/heads/develop'
  • 153ac95 #510: Updated upstream dependency generic-object-pool to 2.3.1
  • 1d32a12 released 8.10.0 [skip ci]
  • ea603b6 Preparing release 8.10.0
  • d86eb35 #508: provide consistent api regarding Session parameter and use `Session.get...
  • 687ac7f released 8.9.0 [skip ci]
  • d09e642 Merge branch 'refs/heads/develop'
  • 04a91b9 Preparing release 8.9.0
  • Additional commits viewable in compare view

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

@dependabot
Bump org.simplejavamail:simple-java-mail from 8.5.1 to 8.10.1
d0b1881 
Bumps [org.simplejavamail:simple-java-mail](https://github.com/bbottema/simple-java-mail) from 8.5.1 to 8.10.1.
- [Release notes](https://github.com/bbottema/simple-java-mail/releases)
- [Changelog](https://github.com/bbottema/simple-java-mail/blob/master/RELEASE.txt)
- [Commits](bbottema/simple-java-mail@8.5.1...8.10.1)

---
updated-dependencies:
- dependency-name: org.simplejavamail:simple-java-mail
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot Dependabot
Copy link
Author

dependabot bot commented on behalf of github May 6, 2024

The following labels could not be found: type: dependencies, java.

@dependabot dependabot bot mentioned this pull request May 6, 2024
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
0 participants