From b43680f734d219d5ae2a1132f9286c62e6cf2503 Mon Sep 17 00:00:00 2001
From: JohnKeeney <john.keeney@est.tech>
Date: Tue, 1 Nov 2022 18:38:33 +0000
Subject: Update 3PPs

jackson-bom -> 2.13.4.2 (via spring-boot-starter:jar:2.6.11) to address CVE-2020-36518 & CVE-2022-42003 & CVE-2022-42004
log4j -> 2.17.2

Issue-ID: CCSDK-3618
Change-Id: Ic1660b18ebc2f9519bcbd5f767a0f22d2a1dd0db
Signed-off-by: JohnKeeney <john.keeney@est.tech>
---
 springboot/springboot26/pom.xml | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

(limited to 'springboot/springboot26/pom.xml')

diff --git a/springboot/springboot26/pom.xml b/springboot/springboot26/pom.xml
index 02f04287..b73a2752 100644
--- a/springboot/springboot26/pom.xml
+++ b/springboot/springboot26/pom.xml
@@ -130,8 +130,8 @@
         <jersey.version>2.33</jersey.version>
         <jersey.client.version>2.33</jersey.client.version>
         <jettison.version>1.3.8</jettison.version>
-        <log4j.version>2.17.1</log4j.version>
-        <log4j2.version>2.17.1</log4j2.version>
+        <log4j.version>2.17.2</log4j.version>
+        <log4j2.version>2.17.2</log4j2.version>
         <logback.version>1.2.11</logback.version>
         <mariadb.connector.version>2.7.3</mariadb.connector.version>
         <mariadb4j.version>2.4.0</mariadb4j.version>
@@ -157,7 +157,7 @@
             <dependency>
                 <groupId>com.fasterxml.jackson</groupId>
                 <artifactId>jackson-bom</artifactId>
-                <version>2.13.3</version>
+                <version>2.14.0-rc1</version>
                 <type>pom</type>
                 <scope>import</scope>
             </dependency>
-- 
cgit 1.2.3-korg