Update dependecies to address vulnerabilities

org.json.json 20220924 -> 20230227
  CVE-2022-45688

org.onap.ccsdk.parent.spring-boot-30-starter-parent 2.5.4 ->2.5.5
  org.springframework.boot.* 3.0.3 -> 3.0.6
    CVE-2023-28867
    CVE-2023-20873
    CVE-2023-1370
    CVE-2022-4492

  org.springframework.* 6.0.4 -> 6.0.8
    CVE-2023-20863
    CVE-2023-20861

  ch.qos.logback.* 1.4.5 -> 1.4.7

Issue-ID: CCSDK-3841
Change-Id: Ie458a6270aa68aeea36f5b56054603548265c97c
Signed-off-by: JohnKeeney <john.keeney@est.tech>

diff --git a/a1-policy-management/pom.xml b/a1-policy-management/pom.xml
index 1c26e94..d1bf04f 100644 (file)
--- a/a1-policy-management/pom.xml
+++ b/a1-policy-management/pom.xml
@@ -26,7 +26,7 @@
     <parent>
         <groupId>org.onap.ccsdk.parent</groupId>
         <artifactId>spring-boot-30-starter-parent</artifactId>
-        <version>2.5.4</version>
+        <version>2.5.5</version>
         <relativePath />
     </parent>
     <groupId>org.onap.ccsdk.oran</groupId>
@@ -37,7 +37,7 @@
         <java.version.source>17</java.version.source>
         <java.version.target>17</java.version.target>
         <gson.version>2.10.1</gson.version>
-        <json.version>20220924</json.version>
+        <json.version>20230227</json.version>
         <formatter-maven-plugin.version>2.22.0</formatter-maven-plugin.version>
         <spotless-maven-plugin.version>2.35.0</spotless-maven-plugin.version>
         <commons-io.version>2.11.0</commons-io.version>