Skip to content

Commit

Permalink
[7.67.x blue] Spring/SpringBoot upgrade to address CVEs in transitive…
Browse files Browse the repository at this point in the history
… dependencies (#2468)

* CVE-2023-34462 Upgrade netty-handler

* Spring/SpringBoot upgrade to address CVEs in transitive dependencies

* Revert "CVE-2023-34462 Upgrade netty-handler"

This reverts commit f724de8.

* Spring/SpringBoot upgrade to address CVEs in transitive dependencies

* Updated versions

* Added tomcat version

* Update pom.xml

---------

Co-authored-by: Abhishek Kumar <[email protected]>
  • Loading branch information
shreyeep and akumar074 authored Aug 2, 2024
1 parent ea6dc51 commit 2413677
Show file tree
Hide file tree
Showing 2 changed files with 7 additions and 4 deletions.
2 changes: 1 addition & 1 deletion narayana-integration-bom/pom.xml
Original file line number Diff line number Diff line change
Expand Up @@ -24,7 +24,7 @@
<!-- narayana dependencies for tomcat and kie server -->
<version.org.jboss.narayana.tomcat>5.9.0.Final</version.org.jboss.narayana.tomcat>
<!-- DBCP connection pooling for Narayana -->
<version.org.apache.tomcat.tomcat-dbcp>9.0.83</version.org.apache.tomcat.tomcat-dbcp>
<version.org.apache.tomcat.tomcat-dbcp>9.0.86</version.org.apache.tomcat.tomcat-dbcp>

<version.org.jboss.transaction.spi>7.6.1.Final</version.org.jboss.transaction.spi>
<version.jakarta.transaction-api>1.3.3</version.jakarta.transaction-api>
Expand Down
9 changes: 6 additions & 3 deletions pom.xml
Original file line number Diff line number Diff line change
Expand Up @@ -153,7 +153,7 @@
<version.org.apache.neethi>3.1.1</version.org.apache.neethi>
<version.org.apache.poi>4.1.2</version.org.apache.poi>
<version.org.apache.sshd>2.9.2</version.org.apache.sshd>
<version.org.apache.tomcat>9.0.83</version.org.apache.tomcat>
<version.org.apache.tomcat>9.0.86</version.org.apache.tomcat>
<version.org.apache.velocity>2.3</version.org.apache.velocity>
<version.org.apache.xmlbeans>3.1.0</version.org.apache.xmlbeans>
<version.org.apache.ws.xmlschema>2.2.5</version.org.apache.ws.xmlschema>
Expand Down Expand Up @@ -262,9 +262,12 @@
<version.org.sonatype.plexus.plexus-sec-dispatcher>2.0</version.org.sonatype.plexus.plexus-sec-dispatcher>
<version.org.sonatype.sisu>2.3.0</version.org.sonatype.sisu>
<version.org.sonatype.sisu.sisu-guice>3.2.3</version.org.sonatype.sisu.sisu-guice>
<version.org.springframework>5.3.27</version.org.springframework>
<version.org.springframework.boot>2.5.15</version.org.springframework.boot>
<version.org.springframework>5.3.34</version.org.springframework>
<version.org.springframework.boot>2.7.18</version.org.springframework.boot>
<version.org.springframework.osgi>1.2.1</version.org.springframework.osgi>
<!-- spring-security.version and tomcat.version overrides version from spring-boot-dependencies bom -->
<spring-security.version>5.7.12</spring-security.version>
<tomcat.version>9.0.86</tomcat.version>
<version.org.subethamail>1.2</version.org.subethamail>
<version.org.subethamail.subethasmtp>3.1.6</version.org.subethamail.subethasmtp>
<version.org.testcontainers>1.15.2</version.org.testcontainers>
Expand Down

0 comments on commit 2413677

Please sign in to comment.