summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorThomas <>2022-10-20 08:47:49 +0200
committerThomas <>2022-10-20 08:47:49 +0200
commit39e3c5f9a65aac0fe214fc9d6fdca3494af368b2 (patch)
tree52cc0c43371b6fc73cc2664871ec9c95edffd91f
parenta093ee10bcfb4fb6e8ec84a0df35b5a50fc97789 (diff)
downloadEAAF-Components-39e3c5f9a65aac0fe214fc9d6fdca3494af368b2.tar.gz
EAAF-Components-39e3c5f9a65aac0fe214fc9d6fdca3494af368b2.tar.bz2
EAAF-Components-39e3c5f9a65aac0fe214fc9d6fdca3494af368b2.zip
chore(core): update third-party libs
include commons-text-1.10.0 to fix CVE-2022-42889
-rw-r--r--pom.xml12
1 files changed, 6 insertions, 6 deletions
diff --git a/pom.xml b/pom.xml
index c3f3b37a..c4db1073 100644
--- a/pom.xml
+++ b/pom.xml
@@ -50,18 +50,18 @@
<spring-boot-starter-web.version>2.6.12</spring-boot-starter-web.version>
<org.springframework.version>5.3.23</org.springframework.version>
<org.opensaml.version>4.0.1</org.opensaml.version>
- <org.apache.santuario.xmlsec.version>2.3.1</org.apache.santuario.xmlsec.version>
+ <org.apache.santuario.xmlsec.version>2.3.2</org.apache.santuario.xmlsec.version>
<org.cryptacular.version>1.2.5</org.cryptacular.version>
<org.bouncycastle.bcprov-jdk18on.version>1.71.1</org.bouncycastle.bcprov-jdk18on.version>
<org.bouncycastle.bctls-jdk18on.version>1.71.1</org.bouncycastle.bctls-jdk18on.version>
<org.slf4j.version>1.7.36</org.slf4j.version>
- <log4j.version>2.18.0</log4j.version>
+ <log4j.version>2.19.0</log4j.version>
<ch.qos.logback.version>1.2.11</ch.qos.logback.version>
<commons-codec.version>1.15</commons-codec.version>
<org.apache.commons-lang3.version>3.12.0</org.apache.commons-lang3.version>
- <org.apache.commons-text.version>1.9</org.apache.commons-text.version>
+ <org.apache.commons-text.version>1.10.0</org.apache.commons-text.version>
<org.apache.commons-collections>3.2.2</org.apache.commons-collections>
<org.apache.commons-collections4>4.4</org.apache.commons-collections4>
<commons-io.version>2.11.0</commons-io.version>
@@ -71,7 +71,7 @@
<org.apache.velocity.version>2.3</org.apache.velocity.version>
<javax.annotation-api>1.3.2</javax.annotation-api>
- <joda-time.version>2.11.0</joda-time.version>
+ <joda-time.version>2.12.0</joda-time.version>
<jsr305.version>3.0.2</jsr305.version>
<com.google.guava.version>31.1-jre</com.google.guava.version>
<org.owasp.encoder.version>1.2.3</org.owasp.encoder.version>
@@ -80,9 +80,9 @@
<httpcore.version>4.4.15</httpcore.version>
<com.fasterxml.jackson.core.version>2.13.4</com.fasterxml.jackson.core.version>
- <com.fasterxml.jackson.databind.version>2.13.4</com.fasterxml.jackson.databind.version>
+ <com.fasterxml.jackson.databind.version>2.13.4.2</com.fasterxml.jackson.databind.version>
<gson.version>2.9.1</gson.version>
- <org.bitbucket.b_c.jose4j.version>0.8.0</org.bitbucket.b_c.jose4j.version>
+ <org.bitbucket.b_c.jose4j.version>0.9.1</org.bitbucket.b_c.jose4j.version>
<jaxen.jaxen.version>1.2.0</jaxen.jaxen.version>
<xerces.version>2.12.2</xerces.version>