From e0b31e9a6d083ca4e67451260df29e8c9a75c844 Mon Sep 17 00:00:00 2001
From: Daniel Lehrner
Date: Wed, 19 Oct 2022 12:53:46 +0200
Subject: [PATCH] Upgrade Apache Commons Text to 1.10.0 (#4542)
* upgraded Apache Commons Text to fix CVE-2022-42889
Signed-off-by: Daniel Lehrner
* add changelog
Signed-off-by: garyschulte
Signed-off-by: Daniel Lehrner
Signed-off-by: garyschulte
Co-authored-by: garyschulte
---
 CHANGELOG.md | 1 +
 gradle/versions.gradle | 2 +-
 2 files changed, 2 insertions(+), 1 deletion(-)
diff --git a/CHANGELOG.md b/CHANGELOG.md
index e739d02a71c..239432d066a 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -30,6 +30,7 @@
 - Avoid a cyclic reference while printing EngineExchangeTransitionConfigurationParameter [#4357](https://github.com/hyperledger/besu/pull/4357)
 - Corrects treating a block as bad on internal error [#4512](https://github.com/hyperledger/besu/issues/4512)
 - In GraphQL update scalar parsing to be variable friendly [#4522](https://github.com/hyperledger/besu/pull/4522)
+- update appache-commons-text to 1.10.0 to address CVE-2022-42889 [#4542](https://github.com/hyperledger/besu/pull/4542)
 ### Download Links
diff --git a/gradle/versions.gradle b/gradle/versions.gradle
index 059b35c05b1..24d21b96437 100644
--- a/gradle/versions.gradle
+++ b/gradle/versions.gradle
@@ -122,7 +122,7 @@ dependencyManagement {
 dependency 'org.apache.commons:commons-compress:1.21'
 dependency 'org.apache.commons:commons-lang3:3.12.0'
- dependency 'org.apache.commons:commons-text:1.9'
+ dependency 'org.apache.commons:commons-text:1.10.0'
 dependency 'org.apache.logging.log4j:log4j-api:2.17.2'
 dependency 'org.apache.logging.log4j:log4j-core:2.17.2'