summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorThomas <>2023-02-21 17:25:12 +0100
committerThomas <>2023-02-21 17:25:12 +0100
commit3cf7fe7b2e4aacb8db664e94d0a4fd46ac75cf19 (patch)
treef06d43daf301e2c30a73fa02369678b812f9ac36
parentdec2644d62af093a4c88298b9908d8d23b70b28d (diff)
downloadEAAF-Components-3cf7fe7b2e4aacb8db664e94d0a4fd46ac75cf19.tar.gz
EAAF-Components-3cf7fe7b2e4aacb8db664e94d0a4fd46ac75cf19.tar.bz2
EAAF-Components-3cf7fe7b2e4aacb8db664e94d0a4fd46ac75cf19.zip
chore(libs): update third-party libs
- commons-fileupload to 1.5 to fix CVE-2023-24998
-rw-r--r--pom.xml20
1 files changed, 10 insertions, 10 deletions
diff --git a/pom.xml b/pom.xml
index 5d00318a..a4922e16 100644
--- a/pom.xml
+++ b/pom.xml
@@ -47,8 +47,8 @@
<io.grpc-core.version>1.42.1</io.grpc-core.version>
<!-- Other third-party libs -->
- <spring-boot-starter-web.version>2.6.12</spring-boot-starter-web.version>
- <org.springframework.version>5.3.23</org.springframework.version>
+ <spring-boot-starter-web.version>2.7.8</spring-boot-starter-web.version>
+ <org.springframework.version>5.3.25</org.springframework.version>
<org.opensaml.version>4.0.1</org.opensaml.version>
<org.apache.santuario.xmlsec.version>2.3.2</org.apache.santuario.xmlsec.version>
<org.cryptacular.version>1.2.5</org.cryptacular.version>
@@ -65,24 +65,24 @@
<org.apache.commons-collections>3.2.2</org.apache.commons-collections>
<org.apache.commons-collections4>4.4</org.apache.commons-collections4>
<commons-io.version>2.11.0</commons-io.version>
- <commons-fileupload.version>1.4</commons-fileupload.version>
+ <commons-fileupload.version>1.5</commons-fileupload.version>
<javax.servlet-api>3.0.1</javax.servlet-api>
<org.apache.velocity.version>2.3</org.apache.velocity.version>
<javax.annotation-api>1.3.2</javax.annotation-api>
- <joda-time.version>2.12.0</joda-time.version>
+ <joda-time.version>2.12.2</joda-time.version>
<jsr305.version>3.0.2</jsr305.version>
<com.google.guava.version>31.1-jre</com.google.guava.version>
<org.owasp.encoder.version>1.2.3</org.owasp.encoder.version>
- <httpclient.version>4.5.13</httpclient.version>
- <httpcore.version>4.4.15</httpcore.version>
+ <httpclient.version>4.5.14</httpclient.version>
+ <httpcore.version>4.4.16</httpcore.version>
- <com.fasterxml.jackson.core.version>2.13.4</com.fasterxml.jackson.core.version>
- <com.fasterxml.jackson.databind.version>2.13.4.2</com.fasterxml.jackson.databind.version>
- <gson.version>2.9.1</gson.version>
- <org.bitbucket.b_c.jose4j.version>0.9.1</org.bitbucket.b_c.jose4j.version>
+ <com.fasterxml.jackson.core.version>2.14.2</com.fasterxml.jackson.core.version>
+ <com.fasterxml.jackson.databind.version>2.14.2</com.fasterxml.jackson.databind.version>
+ <gson.version>2.10.1</gson.version>
+ <org.bitbucket.b_c.jose4j.version>0.9.3</org.bitbucket.b_c.jose4j.version>
<jaxen.jaxen.version>1.2.0</jaxen.jaxen.version>
<xerces.version>2.12.2</xerces.version>