From 3e1e5e281ad5ea3ffe4d4a6d09d160f9c611b1de Mon Sep 17 00:00:00 2001 From: Thomas <> Date: Mon, 20 Mar 2023 10:50:54 +0100 Subject: chore(core): update third-party libs --- pdf-as-lib/build.gradle | 6 +++--- pdf-as-pdfbox-2/build.gradle | 2 +- pdf-as-web-db/build.gradle | 4 ++-- pdf-as-web/build.gradle | 7 +++---- 4 files changed, 9 insertions(+), 10 deletions(-) diff --git a/pdf-as-lib/build.gradle b/pdf-as-lib/build.gradle index e63dfe2d..d5414fb9 100644 --- a/pdf-as-lib/build.gradle +++ b/pdf-as-lib/build.gradle @@ -69,7 +69,7 @@ dependencies { api group: 'javax.activation', name: 'activation', version: '1.1.1' api group: 'javax.xml.bind', name: 'jaxb-api', version: '2.3.1' api group: 'com.google.code.gson', name: 'gson', version: '2.10.1' - api group: 'org.bitbucket.b_c', name: 'jose4j', version: '0.9.2' + api group: 'org.bitbucket.b_c', name: 'jose4j', version: '0.9.3' api group: 'commons-io', name: 'commons-io', version: '2.11.0' api group: 'org.glassfish.jaxb', name: 'jaxb-runtime', version: '2.3.3' api 'org.apache.commons:commons-collections4:4.4' @@ -80,8 +80,8 @@ dependencies { api files('libs/iaik_cms-5.1.1.jar') api group: 'org.slf4j', name: 'slf4j-api', version: slf4jVersion api group: 'org.slf4j', name: 'jcl-over-slf4j', version: slf4jVersion - api group: 'com.google.zxing', name: 'core', version: '3.4.1' - api group: 'com.google.zxing', name: 'javase', version: '3.4.1' + api group: 'com.google.zxing', name: 'core', version: '3.5.1' + api group: 'com.google.zxing', name: 'javase', version: '3.5.1' ws group: 'org.apache.cxf', name: 'cxf-tools', version: cxfVersion ws group: 'org.apache.cxf', name: 'cxf-tools-wsdlto-databinding-jaxb', version: cxfVersion diff --git a/pdf-as-pdfbox-2/build.gradle b/pdf-as-pdfbox-2/build.gradle index 6a2a0bfa..e0f5df1c 100644 --- a/pdf-as-pdfbox-2/build.gradle +++ b/pdf-as-pdfbox-2/build.gradle @@ -32,7 +32,7 @@ releases.dependsOn sourcesJar dependencies { implementation project (':pdf-as-lib') implementation group: 'org.slf4j', name: 'slf4j-api', version: slf4jVersion - implementation 'org.slf4j:jcl-over-slf4j:1.7.35' + implementation 'org.slf4j:jcl-over-slf4j:1.7.36' api group: 'org.apache.pdfbox', name: 'pdfbox', version: '2.0.27' api group: 'org.apache.pdfbox', name: 'pdfbox-tools', version: '2.0.27' api group: 'org.apache.pdfbox', name: 'preflight', version: '2.0.27' diff --git a/pdf-as-web-db/build.gradle b/pdf-as-web-db/build.gradle index e2ee78cf..d09cd865 100644 --- a/pdf-as-web-db/build.gradle +++ b/pdf-as-web-db/build.gradle @@ -17,8 +17,8 @@ dependencies { implementation project (':pdf-as-web') implementation project (':pdf-as-web-status') implementation project (':pdf-as-web-statistic-api') - api "org.hibernate:hibernate-core:5.6.14.Final" - api "org.hibernate:hibernate-entitymanager:5.6.14.Final" + api "org.hibernate:hibernate-core:5.6.15.Final" + api "org.hibernate:hibernate-entitymanager:5.6.15.Final" implementation 'ch.qos.logback:logback-classic:1.2.11' implementation group: 'org.slf4j', name: 'slf4j-api', version: slf4jVersion } diff --git a/pdf-as-web/build.gradle b/pdf-as-web/build.gradle index f5843650..d8117d3d 100644 --- a/pdf-as-web/build.gradle +++ b/pdf-as-web/build.gradle @@ -56,8 +56,7 @@ dependencies { api project (':pdf-as-web-status') api project (':pdf-as-web-statistic-api') api project (':pdf-as-pdfbox-2') - api group: 'commons-fileupload', name: 'commons-fileupload', version: '1.4' - // Upgrade dependency of commons-fileupload from 2.2 to 2.8.0 to avoid CVE-2021-29425 + api group: 'commons-fileupload', name: 'commons-fileupload', version: '1.5' api group: 'commons-io', name: 'commons-io', version: '2.11.0' api group: 'opensymphony', name: 'sitemesh', version: '2.4.2' api group: 'javax.xml.bind', name: 'jaxb-api', version: '2.3.1' @@ -71,10 +70,10 @@ dependencies { api 'com.thetransactioncompany:cors-filter:2.10' api 'ch.qos.logback:logback-classic:1.2.11' api 'ch.qos.logback:logback-core:1.2.11' - api 'org.json:json:20220924' + api 'org.json:json:20230227' api group: 'javax.jws', name: 'javax.jws-api', version: '1.1' compileOnly 'javax.servlet:javax.servlet-api:3.0.1' - testRuntime 'org.springframework:spring-test:5.2.22.RELEASE' + testRuntime 'org.springframework:spring-test:5.3.25' } -- cgit v1.2.3