chore(libs): update third-party libs

- commons-fileupload to 1.5 to fix CVE-2023-24998
author: Thomas <> 2023-02-21 17:25:12 +0100
committer: Thomas <> 2023-02-21 17:25:12 +0100
commit: 3cf7fe7b2e4aacb8db664e94d0a4fd46ac75cf19 (patch)
tree: f06d43daf301e2c30a73fa02369678b812f9ac36 /pom.xml
parent: dec2644d62af093a4c88298b9908d8d23b70b28d (diff)
download: EAAF-Components-3cf7fe7b2e4aacb8db664e94d0a4fd46ac75cf19.tar.gz
EAAF-Components-3cf7fe7b2e4aacb8db664e94d0a4fd46ac75cf19.tar.bz2
EAAF-Components-3cf7fe7b2e4aacb8db664e94d0a4fd46ac75cf19.zip
1 files changed, 10 insertions, 10 deletions
diff --git a/pom.xml b/pom.xml
index 5d00318a..a4922e16 100644
--- a/pom.xml
+++ b/pom.xml
@@ -47,8 +47,8 @@
     <io.grpc-core.version>1.42.1</io.grpc-core.version>
 
     <!-- Other third-party libs -->
-    <spring-boot-starter-web.version>2.6.12</spring-boot-starter-web.version>
-    <org.springframework.version>5.3.23</org.springframework.version>
+    <spring-boot-starter-web.version>2.7.8</spring-boot-starter-web.version>
+    <org.springframework.version>5.3.25</org.springframework.version>
     <org.opensaml.version>4.0.1</org.opensaml.version>
     <org.apache.santuario.xmlsec.version>2.3.2</org.apache.santuario.xmlsec.version>
     <org.cryptacular.version>1.2.5</org.cryptacular.version>
@@ -65,24 +65,24 @@
     <org.apache.commons-collections>3.2.2</org.apache.commons-collections>
     <org.apache.commons-collections4>4.4</org.apache.commons-collections4>
     <commons-io.version>2.11.0</commons-io.version>
-    <commons-fileupload.version>1.4</commons-fileupload.version>
+    <commons-fileupload.version>1.5</commons-fileupload.version>
 
     <javax.servlet-api>3.0.1</javax.servlet-api>
     
     <org.apache.velocity.version>2.3</org.apache.velocity.version>
     <javax.annotation-api>1.3.2</javax.annotation-api>
-    <joda-time.version>2.12.0</joda-time.version>
+    <joda-time.version>2.12.2</joda-time.version>
     <jsr305.version>3.0.2</jsr305.version>
     <com.google.guava.version>31.1-jre</com.google.guava.version>
     <org.owasp.encoder.version>1.2.3</org.owasp.encoder.version>
 
-    <httpclient.version>4.5.13</httpclient.version>
-    <httpcore.version>4.4.15</httpcore.version>
+    <httpclient.version>4.5.14</httpclient.version>
+    <httpcore.version>4.4.16</httpcore.version>
 
-    <com.fasterxml.jackson.core.version>2.13.4</com.fasterxml.jackson.core.version>
-    <com.fasterxml.jackson.databind.version>2.13.4.2</com.fasterxml.jackson.databind.version>
-    <gson.version>2.9.1</gson.version>
-    <org.bitbucket.b_c.jose4j.version>0.9.1</org.bitbucket.b_c.jose4j.version>
+    <com.fasterxml.jackson.core.version>2.14.2</com.fasterxml.jackson.core.version>
+    <com.fasterxml.jackson.databind.version>2.14.2</com.fasterxml.jackson.databind.version>
+    <gson.version>2.10.1</gson.version>
+    <org.bitbucket.b_c.jose4j.version>0.9.3</org.bitbucket.b_c.jose4j.version>
 
     <jaxen.jaxen.version>1.2.0</jaxen.jaxen.version>
     <xerces.version>2.12.2</xerces.version>
author	Thomas <>	2023-02-21 17:25:12 +0100
committer	Thomas <>	2023-02-21 17:25:12 +0100
commit	3cf7fe7b2e4aacb8db664e94d0a4fd46ac75cf19 (patch)
tree	f06d43daf301e2c30a73fa02369678b812f9ac36 /pom.xml
parent	dec2644d62af093a4c88298b9908d8d23b70b28d (diff)
download	EAAF-Components-3cf7fe7b2e4aacb8db664e94d0a4fd46ac75cf19.tar.gz EAAF-Components-3cf7fe7b2e4aacb8db664e94d0a4fd46ac75cf19.tar.bz2 EAAF-Components-3cf7fe7b2e4aacb8db664e94d0a4fd46ac75cf19.zip