jackson-bom -> 2.13.4.2 (via spring-boot-starter:jar:2.6.11) to address CVE-2020-36518 & CVE-2022-42003 & CVE-2022-42004
log4j -> 2.17.2
Issue-ID: CCSDK-3618
Change-Id: Ic1660b18ebc2f9519bcbd5f767a0f22d2a1dd0db
Signed-off-by: JohnKeeney <john.keeney@est.tech>
<groupId>com.fasterxml.jackson</groupId>
<artifactId>jackson-bom</artifactId>
<!-- ODL Aluminum has 2.10.5 -->
- <version>2.12.4</version>
+ <version>2.14.0-rc1</version>
<type>pom</type>
<scope>import</scope>
</dependency>
<dependency>
<groupId>org.apache.logging.log4j</groupId>
<artifactId>log4j-slf4j-impl</artifactId>
- <version>2.17.1</version>
+ <version>2.17.2</version>
</dependency>
<dependency>
<groupId>org.apache.logging.log4j</groupId>
<artifactId>log4j-core</artifactId>
- <version>2.17.1</version>
+ <version>2.17.2</version>
</dependency>
<dependency>
<groupId>org.apache.tomcat</groupId>
spring.version=5.3.22
springboot.httpcomponents.core.version=4.4.15
springboot.httpcomponents.client.version=4.5.13
-springboot.jackson.version=2.13.3
+springboot.jackson.version=2.14.0-rc1
springboot.logback.version=1.2.11
springboot.netty.ssl.version=2.0.50.Final
springboot.jersey.version=2.33
springboot.slf4j.version=1.7.36
springboot.springfox.version=3.0.0
-springboot.tomcat.jdbc.version=9.0.58
+springboot.tomcat.jdbc.version=9.0.58
\ No newline at end of file
<jersey.version>${springboot.jersey.version}</jersey.version>
<jersey.client.version>${springboot.jersey.version}</jersey.client.version>
<jettison.version>1.3.8</jettison.version>
- <log4j.version>2.17.1</log4j.version>
- <log4j2.version>2.17.1</log4j2.version>
+ <log4j.version>2.17.2</log4j.version>
+ <log4j2.version>2.17.2</log4j2.version>
<logback.version>${springboot.logback.version}</logback.version>
<mariadb.connector.version>2.7.3</mariadb.connector.version>
<mariadb4j.version>2.4.0</mariadb4j.version>
<jersey.version>${springboot.jersey.version}</jersey.version>
<jersey.client.version>${springboot.jersey.version}</jersey.client.version>
<jettison.version>1.3.8</jettison.version>
- <log4j.version>2.17.1</log4j.version>
- <log4j2.version>2.17.1</log4j2.version>
+ <log4j.version>2.17.2</log4j.version>
+ <log4j2.version>2.17.2</log4j2.version>
<logback.version>${springboot.logback.version}</logback.version>
<mariadb.connector.version>2.7.3</mariadb.connector.version>
<mariadb4j.version>2.4.0</mariadb4j.version>
<jersey.version>2.30.1</jersey.version>
<jersey.client.version>2.30.1</jersey.client.version>
<jettison.version>1.3.8</jettison.version>
- <log4j.version>2.17.1</log4j.version>
- <log4j2.version>2.17.1</log4j2.version>
+ <log4j.version>2.17.2</log4j.version>
+ <log4j2.version>2.17.2</log4j2.version>
<logback.version>1.2.11</logback.version>
<mariadb.connector.version>2.7.3</mariadb.connector.version>
<mariadb4j.version>2.4.0</mariadb4j.version>
<jersey.version>2.30.1</jersey.version>
<jersey.client.version>2.30.1</jersey.client.version>
<jettison.version>1.3.8</jettison.version>
- <log4j.version>2.17.1</log4j.version>
- <log4j2.version>2.17.1</log4j2.version>
+ <log4j.version>2.17.2</log4j.version>
+ <log4j2.version>2.17.2</log4j2.version>
<logback.version>1.2.11</logback.version>
<mariadb.connector.version>2.7.3</mariadb.connector.version>
<mariadb4j.version>2.4.0</mariadb4j.version>
<jersey.version>2.33</jersey.version>
<jersey.client.version>2.33</jersey.client.version>
<jettison.version>1.3.8</jettison.version>
- <log4j.version>2.17.1</log4j.version>
- <log4j2.version>2.17.1</log4j2.version>
+ <log4j.version>2.17.2</log4j.version>
+ <log4j2.version>2.17.2</log4j2.version>
<logback.version>1.2.11</logback.version>
<mariadb.connector.version>2.7.3</mariadb.connector.version>
<mariadb4j.version>2.4.0</mariadb4j.version>
<jersey.version>2.33</jersey.version>
<jersey.client.version>2.33</jersey.client.version>
<jettison.version>1.3.8</jettison.version>
- <log4j.version>2.17.1</log4j.version>
- <log4j2.version>2.17.1</log4j2.version>
+ <log4j.version>2.17.2</log4j.version>
+ <log4j2.version>2.17.2</log4j2.version>
<logback.version>1.2.11</logback.version>
<mariadb.connector.version>2.7.3</mariadb.connector.version>
<mariadb4j.version>2.4.0</mariadb4j.version>
<dependency>
<groupId>com.fasterxml.jackson</groupId>
<artifactId>jackson-bom</artifactId>
- <version>2.13.3</version>
+ <version>2.14.0-rc1</version>
<type>pom</type>
<scope>import</scope>
</dependency>