From cbfb2318cf33b2881a54c41ee49f977b95d2f134 Mon Sep 17 00:00:00 2001
From: Christoph Pirkl <christoph.pirkl@exasol.com>
Date: Thu, 28 Sep 2023 09:00:18 +0200
Subject: [PATCH] #142: Fix CVE-2023-43642 in `org.xerial.snappy:snappy-java`
 (#143)

---
 doc/changes/changes_7.3.4.md | 7 +++++--
 pom.xml                      | 2 +-
 2 files changed, 6 insertions(+), 3 deletions(-)

diff --git a/doc/changes/changes_7.3.4.md b/doc/changes/changes_7.3.4.md
index 60246cf..d852d46 100644
--- a/doc/changes/changes_7.3.4.md
+++ b/doc/changes/changes_7.3.4.md
@@ -1,21 +1,24 @@
-# Virtual Schema for Document Data in Files 7.3.4, released 2023-09-27
+# Virtual Schema for Document Data in Files 7.3.4, released 2023-09-28
 
-Code name: Fix CVE-2023-42503 and CVE-2023-4759
+Code name: Fix CVE-2023-42503, CVE-2023-4759 and CVE-2023-43642
 
 ## Summary
 
 This release fixes the following vulnerabilities in dependencies:
 * CVE-2023-42503 in compile dependency `org.apache.commons:commons-compress`
+* CVE-2023-43642 in compile `org.xerial.snappy:snappy-java`
 * CVE-2023-4759 in test dependency `org.eclipse.jgit:org.eclipse.jgit`
 
 ## Security
 
 * #140: Fixed CVE-2023-42503 and CVE-2023-4759
+* #142: Fixed CVE-2023-43642 in `org.xerial.snappy:snappy-java`
 
 ## Dependency Updates
 
 ### Compile Dependency Updates
 
+* Updated `com.exasol:parquet-io-java:2.0.4` to `2.0.5`
 * Updated `com.exasol:virtual-schema-common-document:9.4.0` to `9.4.2`
 * Updated `io.deephaven:deephaven-csv:0.11.0` to `0.12.0`
 
diff --git a/pom.xml b/pom.xml
index 49c976e..2e0ca81 100644
--- a/pom.xml
+++ b/pom.xml
@@ -18,7 +18,7 @@
         <dependency>
             <groupId>com.exasol</groupId>
             <artifactId>parquet-io-java</artifactId>
-            <version>2.0.4</version>
+            <version>2.0.5</version>
         </dependency>
         <!-- Test dependencies -->
         <dependency>