From 5ebcd1b0e6755113783df366eb4a5d2aab091303 Mon Sep 17 00:00:00 2001
From: Thomas <>
Date: Wed, 22 Mar 2023 08:52:05 +0100
Subject: chore(core): update third-party libs

Inlcude Spring 5.3.26 to fix CVE-2023-20859, CVE-2023-20861, CVE-2023-20860
---
 pom.xml | 35 ++++++++++++++++++++++++++++++++---
 1 file changed, 32 insertions(+), 3 deletions(-)

diff --git a/pom.xml b/pom.xml
index a4922e16..c7414179 100644
--- a/pom.xml
+++ b/pom.xml
@@ -44,11 +44,11 @@
     <iaik.prod.iaik_xsect.version>2.14_moa</iaik.prod.iaik_xsect.version>
 
     <hsm-facade-provider.version>0.9.1</hsm-facade-provider.version>
-    <io.grpc-core.version>1.42.1</io.grpc-core.version>
+    <io.grpc-core.version>1.53.0</io.grpc-core.version>
 
     <!-- Other third-party libs -->
-    <spring-boot-starter-web.version>2.7.8</spring-boot-starter-web.version>
-    <org.springframework.version>5.3.25</org.springframework.version>
+    <spring-boot-starter-web.version>2.7.9</spring-boot-starter-web.version>
+    <org.springframework.version>5.3.26</org.springframework.version>
     <org.opensaml.version>4.0.1</org.opensaml.version>
     <org.apache.santuario.xmlsec.version>2.3.2</org.apache.santuario.xmlsec.version>
     <org.cryptacular.version>1.2.5</org.cryptacular.version>
@@ -88,6 +88,9 @@
     <xerces.version>2.12.2</xerces.version>
     <xalan.version>2.7.1</xalan.version>
 
+    <woodstox-core.version>6.5.0</woodstox-core.version>
+    <snakeyaml.version>1.33</snakeyaml.version>
+
     <!-- jUnit testing -->
     <surefire.version>2.22.2</surefire.version>
     <junit-jupiter-api.version>5.8.2</junit-jupiter-api.version>
@@ -419,6 +422,21 @@
         <artifactId>provider</artifactId>
         <version>${hsm-facade-provider.version}</version>
       </dependency>
+	  <dependency>
+    	<groupId>io.grpc</groupId>
+    	<artifactId>grpc-protobuf</artifactId>
+    	<version>${io.grpc-core.version}</version>
+	  </dependency>
+	  <dependency>
+    	<groupId>io.grpc</groupId>
+    	<artifactId>grpc-netty-shaded</artifactId>
+    	<version>${io.grpc-core.version}</version>
+	  </dependency>
+	  <dependency>
+    	<groupId>io.grpc</groupId>
+    	<artifactId>grpc-stub</artifactId>
+    	<version>${io.grpc-core.version}</version>
+	  </dependency>	  	        
       <dependency>
         <groupId>io.grpc</groupId>
         <artifactId>grpc-core</artifactId>
@@ -662,6 +680,17 @@
         <version>${com.google.guava.version}</version>
       </dependency>
 
+      <dependency>
+        <groupId>com.fasterxml.woodstox</groupId>
+        <artifactId>woodstox-core</artifactId>
+        <version>${woodstox-core.version}</version>
+      </dependency> 
+      <dependency>
+        <groupId>org.yaml</groupId>
+        <artifactId>snakeyaml</artifactId>
+        <version>${snakeyaml.version}</version>
+      </dependency>      
+
       <!-- Testing -->
       <dependency>
         <groupId>org.springframework</groupId>
-- 
cgit v1.2.3