From 9aae8448405c93c5384be3a33b52bd4434faf972 Mon Sep 17 00:00:00 2001
From: Gerald Palfinger <gerald.palfinger@iaik.tugraz.at>
Date: Mon, 13 Dec 2021 13:28:33 +0100
Subject: Update dependencies

---
 pdf-as-pdfbox-2/build.gradle | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'pdf-as-pdfbox-2/build.gradle')

diff --git a/pdf-as-pdfbox-2/build.gradle b/pdf-as-pdfbox-2/build.gradle
index 66c003ec..32d314ae 100644
--- a/pdf-as-pdfbox-2/build.gradle
+++ b/pdf-as-pdfbox-2/build.gradle
@@ -32,7 +32,7 @@ releases.dependsOn sourcesJar
 dependencies {
 	implementation project (':pdf-as-lib')
 	implementation group: 'org.slf4j', name: 'slf4j-api', version: slf4jVersion
-	implementation 'org.slf4j:jcl-over-slf4j:1.7.30'
+	implementation 'org.slf4j:jcl-over-slf4j:1.7.32'
 	api group: 'org.apache.pdfbox', name: 'pdfbox', version: '2.0.23'
 	api group: 'org.apache.pdfbox', name: 'pdfbox-tools', version: '2.0.23'
 	api group: 'org.apache.pdfbox', name: 'preflight', version: '2.0.23'
-- 
cgit v1.2.3


From 88a6b34c4798f32c13de407aca57799a03ec8570 Mon Sep 17 00:00:00 2001
From: Gerald Palfinger <gerald.palfinger@iaik.tugraz.at>
Date: Mon, 13 Dec 2021 15:18:26 +0100
Subject: Update pdfbox

---
 pdf-as-pdfbox-2/build.gradle | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

(limited to 'pdf-as-pdfbox-2/build.gradle')

diff --git a/pdf-as-pdfbox-2/build.gradle b/pdf-as-pdfbox-2/build.gradle
index 32d314ae..cb5ff296 100644
--- a/pdf-as-pdfbox-2/build.gradle
+++ b/pdf-as-pdfbox-2/build.gradle
@@ -33,9 +33,9 @@ dependencies {
 	implementation project (':pdf-as-lib')
 	implementation group: 'org.slf4j', name: 'slf4j-api', version: slf4jVersion
 	implementation 'org.slf4j:jcl-over-slf4j:1.7.32'
-	api group: 'org.apache.pdfbox', name: 'pdfbox', version: '2.0.23'
-	api group: 'org.apache.pdfbox', name: 'pdfbox-tools', version: '2.0.23'
-	api group: 'org.apache.pdfbox', name: 'preflight', version: '2.0.23'
+	api group: 'org.apache.pdfbox', name: 'pdfbox', version: '2.0.24'
+	api group: 'org.apache.pdfbox', name: 'pdfbox-tools', version: '2.0.24'
+	api group: 'org.apache.pdfbox', name: 'preflight', version: '2.0.24'
 	implementation group: 'commons-io', name: 'commons-io', version: '2.8'
 	implementation group: 'ognl', name: 'ognl', version: '3.2.19'
 	testImplementation group: 'junit', name: 'junit', version: '4.+'
-- 
cgit v1.2.3


From 35c301bd555a0b790b2d6621ed2eff0f3bdbf400 Mon Sep 17 00:00:00 2001
From: Gerald Palfinger <gerald.palfinger@iaik.tugraz.at>
Date: Thu, 16 Dec 2021 16:25:40 +0100
Subject: Update commons-io

---
 pdf-as-lib/build.gradle      | 2 +-
 pdf-as-pdfbox-2/build.gradle | 2 +-
 pdf-as-web/build.gradle      | 2 ++
 3 files changed, 4 insertions(+), 2 deletions(-)

(limited to 'pdf-as-pdfbox-2/build.gradle')

diff --git a/pdf-as-lib/build.gradle b/pdf-as-lib/build.gradle
index 6adbcc7e..cf15a9c8 100644
--- a/pdf-as-lib/build.gradle
+++ b/pdf-as-lib/build.gradle
@@ -70,7 +70,7 @@ dependencies {
 	api group: 'javax.xml.bind', name: 'jaxb-api', version: '2.3.1'
 	api group: 'com.google.code.gson', name: 'gson', version: '2.8.6'
 	api group: 'org.bitbucket.b_c', name: 'jose4j', version: '0.7.6'
-	api group: 'commons-io', name: 'commons-io', version: '2.8'
+	api group: 'commons-io', name: 'commons-io', version: '2.8.0'
 	api group: 'org.glassfish.jaxb', name: 'jaxb-runtime', version: '2.3.3'
 	api 'org.apache.commons:commons-collections4:4.4'
 	api group: 'ognl', name: 'ognl', version: '3.2.19'
diff --git a/pdf-as-pdfbox-2/build.gradle b/pdf-as-pdfbox-2/build.gradle
index cb5ff296..606ebc70 100644
--- a/pdf-as-pdfbox-2/build.gradle
+++ b/pdf-as-pdfbox-2/build.gradle
@@ -36,7 +36,7 @@ dependencies {
 	api group: 'org.apache.pdfbox', name: 'pdfbox', version: '2.0.24'
 	api group: 'org.apache.pdfbox', name: 'pdfbox-tools', version: '2.0.24'
 	api group: 'org.apache.pdfbox', name: 'preflight', version: '2.0.24'
-	implementation group: 'commons-io', name: 'commons-io', version: '2.8'
+	implementation group: 'commons-io', name: 'commons-io', version: '2.8.0'
 	implementation group: 'ognl', name: 'ognl', version: '3.2.19'
 	testImplementation group: 'junit', name: 'junit', version: '4.+'
 	
diff --git a/pdf-as-web/build.gradle b/pdf-as-web/build.gradle
index 3d43861b..4752ed67 100644
--- a/pdf-as-web/build.gradle
+++ b/pdf-as-web/build.gradle
@@ -52,6 +52,8 @@ dependencies {
 	api project (':pdf-as-web-status')
 	api project (':pdf-as-web-statistic-api')
 	api group: 'commons-fileupload', name: 'commons-fileupload', version: '1.4'
+	// Upgrade dependency of commons-fileupload from 2.2 to 2.8.0 to avoid CVE-2021-29425
+	api group: 'commons-io', name: 'commons-io', version: '2.8.0'
 	api group: 'opensymphony', name: 'sitemesh', version: '2.4.2'
 	api group: 'javax.xml.bind', name: 'jaxb-api', version: '2.3.1'
     api group: 'javax.xml.ws', name: 'jaxws-api', version: '2.3.1'
-- 
cgit v1.2.3


From 4cb2ff10b3925c9234b8090b08fbd68584617ada Mon Sep 17 00:00:00 2001
From: Gerald Palfinger <gerald.palfinger@iaik.tugraz.at>
Date: Wed, 22 Dec 2021 16:54:48 +0100
Subject: Update logback (CVE-2021-42550) + other dependencies

---
 pdf-as-cli/build.gradle      | 2 +-
 pdf-as-lib/build.gradle      | 2 +-
 pdf-as-moa/build.gradle      | 2 +-
 pdf-as-pdfbox-2/build.gradle | 6 +++---
 pdf-as-web-db/build.gradle   | 2 +-
 pdf-as-web/build.gradle      | 4 ++--
 6 files changed, 9 insertions(+), 9 deletions(-)

(limited to 'pdf-as-pdfbox-2/build.gradle')

diff --git a/pdf-as-cli/build.gradle b/pdf-as-cli/build.gradle
index 169355b4..cb365244 100644
--- a/pdf-as-cli/build.gradle
+++ b/pdf-as-cli/build.gradle
@@ -35,7 +35,7 @@ dependencies {
     implementation group: 'commons-collections', name: 'commons-collections', version: '3.2.2'
 	implementation group: 'commons-cli', name: 'commons-cli', version: '1.2'
 	implementation group: 'javax.activation', name: 'activation', version: '1.1.1'
-	implementation 'ch.qos.logback:logback-classic:1.2.8'
+	implementation 'ch.qos.logback:logback-classic:1.2.9'
     testImplementation group: 'junit', name: 'junit', version: '4.+'
 }
 
diff --git a/pdf-as-lib/build.gradle b/pdf-as-lib/build.gradle
index cf15a9c8..cff40ef0 100644
--- a/pdf-as-lib/build.gradle
+++ b/pdf-as-lib/build.gradle
@@ -68,7 +68,7 @@ dependencies {
     api group: 'org.bouncycastle', name: 'bcprov-jdk15on', version: '1.68'
 	api group: 'javax.activation', name: 'activation', version: '1.1.1'
 	api group: 'javax.xml.bind', name: 'jaxb-api', version: '2.3.1'
-	api group: 'com.google.code.gson', name: 'gson', version: '2.8.6'
+	api group: 'com.google.code.gson', name: 'gson', version: '2.8.9'
 	api group: 'org.bitbucket.b_c', name: 'jose4j', version: '0.7.6'
 	api group: 'commons-io', name: 'commons-io', version: '2.8.0'
 	api group: 'org.glassfish.jaxb', name: 'jaxb-runtime', version: '2.3.3'
diff --git a/pdf-as-moa/build.gradle b/pdf-as-moa/build.gradle
index 62fa9530..fd438cbc 100644
--- a/pdf-as-moa/build.gradle
+++ b/pdf-as-moa/build.gradle
@@ -13,7 +13,7 @@ buildscript {
 		mavenLocal()
 		mavenCentral()
 	}
-	dependencies { classpath("commons-io:commons-io:2.4") }
+	dependencies { classpath("commons-io:commons-io:2.8.0") }
 }
 
 sourceSets {
diff --git a/pdf-as-pdfbox-2/build.gradle b/pdf-as-pdfbox-2/build.gradle
index 606ebc70..b37462bd 100644
--- a/pdf-as-pdfbox-2/build.gradle
+++ b/pdf-as-pdfbox-2/build.gradle
@@ -33,9 +33,9 @@ dependencies {
 	implementation project (':pdf-as-lib')
 	implementation group: 'org.slf4j', name: 'slf4j-api', version: slf4jVersion
 	implementation 'org.slf4j:jcl-over-slf4j:1.7.32'
-	api group: 'org.apache.pdfbox', name: 'pdfbox', version: '2.0.24'
-	api group: 'org.apache.pdfbox', name: 'pdfbox-tools', version: '2.0.24'
-	api group: 'org.apache.pdfbox', name: 'preflight', version: '2.0.24'
+	api group: 'org.apache.pdfbox', name: 'pdfbox', version: '2.0.25'
+	api group: 'org.apache.pdfbox', name: 'pdfbox-tools', version: '2.0.25'
+	api group: 'org.apache.pdfbox', name: 'preflight', version: '2.0.25'
 	implementation group: 'commons-io', name: 'commons-io', version: '2.8.0'
 	implementation group: 'ognl', name: 'ognl', version: '3.2.19'
 	testImplementation group: 'junit', name: 'junit', version: '4.+'
diff --git a/pdf-as-web-db/build.gradle b/pdf-as-web-db/build.gradle
index 7a104466..492e36d9 100644
--- a/pdf-as-web-db/build.gradle
+++ b/pdf-as-web-db/build.gradle
@@ -19,7 +19,7 @@ dependencies {
 	implementation project (':pdf-as-web-statistic-api')
 	api "org.hibernate:hibernate-core:5.6.2.Final"
 	api "org.hibernate:hibernate-entitymanager:5.6.2.Final"
-	implementation 'ch.qos.logback:logback-classic:1.2.8'
+	implementation 'ch.qos.logback:logback-classic:1.2.9'
 	implementation group: 'org.slf4j', name: 'slf4j-api', version: slf4jVersion
 	testImplementation group: 'junit', name: 'junit', version: '4.+'
 }
diff --git a/pdf-as-web/build.gradle b/pdf-as-web/build.gradle
index 4752ed67..64f17319 100644
--- a/pdf-as-web/build.gradle
+++ b/pdf-as-web/build.gradle
@@ -63,8 +63,8 @@ dependencies {
 	api 'org.apache.cxf:cxf-rt-transports-http:3.4.5'
 	api 'org.apache.cxf:cxf-rt-frontend-jaxws:3.4.5'
 	api 'com.thetransactioncompany:cors-filter:2.10'
-	api 'ch.qos.logback:logback-classic:1.2.8'
-	api 'ch.qos.logback:logback-core:1.2.8'
+	api 'ch.qos.logback:logback-classic:1.2.9'
+	api 'ch.qos.logback:logback-core:1.2.9'
 	api 'org.json:json:20210307'
 	api group: 'javax.jws', name: 'javax.jws-api', version: '1.1'
 	pdfbox2 project (':pdf-as-pdfbox-2')
-- 
cgit v1.2.3