From 688aaf3ebfda83cdda4a6e6eaa59bf2661e0b5fc Mon Sep 17 00:00:00 2001 From: ZapBird Date: Mon, 1 Aug 2022 10:29:07 +0800 Subject: [PATCH] Fix CVE-2022-25845. CVE-2022-25845: The package com.alibaba:fastjson before 1.2.83 are vulnerable to Deserialization of Untrusted Data by bypassing the default autoType shutdown restrictions, which is possible under certain conditions. Exploiting this vulnerability allows attacking remote servers. Workaround: If upgrading is not possible, you can enable [safeMode] --- pom.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pom.xml b/pom.xml index 2081c94..5e27abe 100644 --- a/pom.xml +++ b/pom.xml @@ -124,7 +124,7 @@ com.alibaba fastjson - 1.2.76 + 1.2.83
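Review bot: the one-line bump of the fastjson dependency from 1.2.76 to 1.2.83 matches the CVE text in the commit message ("before 1.2.83 are vulnerable"), so the version choice is correct; what the change is missing is any statement that the project's deserialization paths were exercised against the new version. The CVE is about bypassing the default autoType restrictions, so any code in this project that relies on autoType behaviour is exactly where a stricter release could change results, and the commit message should record that the build and tests passed with 1.2.83. Two smaller points on the message itself: the "Workaround: If upgrading is not possible, you can enable [safeMode]" sentence is cut off and, since this commit does upgrade, reads as though the workaround is still needed; reword it to say the upgrade is the fix and safeMode is the fallback for consumers who cannot take 1.2.83. Finally, the hunk shows only the `com.alibaba` / `fastjson` coordinates with the version lines `- 1.2.76` / `+ 1.2.83`, so it is not visible whether this is the single declaration or whether other modules pin their own fastjson version; please confirm no other pom in the repository still references 1.2.76.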