2 anni fa · c0f73a2802
--- a/dist/linux/common/org.cryptomator.Cryptomator.metainfo.xml
+++ b/dist/linux/common/org.cryptomator.Cryptomator.metainfo.xml
@@ -66,6 +66,7 @@
 
				 	</content_rating>
			
 
				 
			
 
				 	<releases>
			
 
				+		<release date="2022-12-14" version="1.6.17"/>
			
 
				 		<release date="2022-12-06" version="1.6.16"/>
			
 
				 		<release date="2022-10-06" version="1.6.15"/>
			
 
				 		<release date="2022-08-31" version="1.6.14"/>
			
--- a/pom.xml
+++ b/pom.xml
@@ -3,7 +3,7 @@
 
				 	<modelVersion>4.0.0</modelVersion>
			
 
				 	<groupId>org.cryptomator</groupId>
			
 
				 	<artifactId>cryptomator</artifactId>
			
 
				-	<version>1.6.16</version>
			
 
				+	<version>1.6.17</version>
			
 
				 	<name>Cryptomator Desktop App</name>
			
 
				 
			
 
				 	<organization>
			
@@ -27,6 +27,7 @@
 
				 		<nonModularGroupIds>com.github.serceman,com.github.jnr,org.ow2.asm,net.java.dev.jna,org.apache.jackrabbit,org.apache.httpcomponents,de.swiesend,org.purejava,com.github.hypfvieh</nonModularGroupIds>
			
 
				 
			
 
				 		<!-- cryptomator dependencies -->
			
 
				+		<cryptomator.cryptolib.version>2.1.1</cryptomator.cryptolib.version>
			
 
				 		<cryptomator.cryptofs.version>2.5.3</cryptomator.cryptofs.version>
			
 
				 		<cryptomator.integrations.version>1.2.0-beta1</cryptomator.integrations.version>
			
 
				 		<cryptomator.integrations.win.version>1.1.2</cryptomator.integrations.win.version>
			
@@ -57,12 +58,18 @@
 
				 
			
 
				 		<!-- build-time dependencies -->
			
 
				 		<jetbrains.annotations.version>23.0.0</jetbrains.annotations.version>
			
 
				-		<dependency-check.version>7.2.1</dependency-check.version>
			
 
				+		<dependency-check.version>7.4.0</dependency-check.version>
			
 
				 		<jacoco.version>0.8.8</jacoco.version>
			
 
				 	</properties>
			
 
				 
			
 
				 	<dependencies>
			
 
				 		<!-- Cryptomator Libs -->
			
 
				+		<dependency>
			
 
				+			<!-- needed due to https://github.com/cryptomator/cryptolib/issues/34-->
			
 
				+			<groupId>org.cryptomator</groupId>
			
 
				+			<artifactId>cryptolib</artifactId>
			
 
				+			<version>${cryptomator.cryptolib.version}</version>
			
 
				+		</dependency>
			
 
				 		<dependency>
			
 
				 			<groupId>org.cryptomator</groupId>
			
 
				 			<artifactId>cryptofs</artifactId>
			
--- a/src/main/java/org/cryptomator/common/settings/DeviceKey.java
+++ b/src/main/java/org/cryptomator/common/settings/DeviceKey.java
@@ -76,6 +76,11 @@ public class DeviceKey {
 
				 
			
 
				 	private P384KeyPair createAndStoreNewKeyPair(char[] passphrase, Path p12File) throws IOException {
			
 
				 		var keyPair = P384KeyPair.generate();
			
 
				+		var tmpFile = p12File.resolveSibling(p12File.getFileName().toString() + ".tmp");
			
 
				+		if(Files.exists(tmpFile)) {
			
 
				+			LOG.debug("Leftover from devicekey creation detected. Deleting {}", tmpFile);
			
 
				+			Files.delete(tmpFile);
			
 
				+		}
			
 
				 		LOG.debug("Store new device key to {}", p12File);
			
 
				 		keyPair.store(p12File, passphrase);
			
 
				 		return keyPair;
			
--- a/suppression.xml
+++ b/suppression.xml
@@ -35,13 +35,15 @@
 
				 		<cve>CVE-2022-25366</cve>
			
 
				 	</suppress>
			
 
				 
			
 
				+	<!-- Apache Commons-cli false positives below -->
			
 
				 	<suppress>
			
 
				 		<notes><![CDATA[
			
 
				 			False positive for commons-cli due, see https://github.com/jeremylong/DependencyCheck/pull/4148
			
 
				 		]]></notes>
			
 
				 		<gav regex="true">^commons\-cli:commons\-cli:.*$</gav>
			
 
				 		<cpe>cpe:/a:apache:james</cpe>
			
 
				-		<!-- while we are at it exclude also this fp -->
			
 
				+		<!-- while we are at it exclude also these fp -->
			
 
				 		<cpe>cpe:/a:spirit-project:spirit</cpe>
			
 
				+		<cpe>cpe:/a:apache:commons_net</cpe>
			
 
				 	</suppress>
			
 
				 </suppressions>