Skip to content

Commit

Permalink
Bumped spring security version to resolve CVE-2023-34042 (#285)
Browse files Browse the repository at this point in the history
  • Loading branch information
@Chris-Hodgson-HMCTS
Chris-Hodgson-HMCTS authored May 28, 2024
1 parent dd39a5c commit caa6abe
Show file tree
Hide file tree
Showing 2 changed files with 3 additions and 5 deletions.
6 changes: 3 additions & 3 deletions build.gradle
View file
Original file line number Diff line number Diff line change
Expand Up @@ -18,7 +18,7 @@ ext {
set('springCloudVersion', "2021.0.3")
}

ext['spring-security.version'] = '5.8.5'
ext['spring-security.version'] = '5.8.11'
ext['spring-framework.version'] = '5.3.27'
ext['snakeyaml.version'] = '2.0'
ext['jackson.version'] = '2.16.0'
Expand Down Expand Up @@ -220,8 +220,8 @@ jacocoTestReport {
dependencies {
implementation 'org.springframework.boot:spring-boot:2.7.12'

implementation 'ch.qos.logback:logback-classic:1.2.13'
implementation 'ch.qos.logback:logback-core:1.2.13'
implementation 'ch.qos.logback:logback-classic:1.2.13'
implementation 'ch.qos.logback:logback-core:1.2.13'

implementation group: 'org.springframework.boot', name: 'spring-boot-starter-web'
implementation group: 'org.springframework.boot', name: 'spring-boot-starter-actuator'
Expand Down
2 changes: 0 additions & 2 deletions config/owasp/suppressions.xml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -6,7 +6,6 @@
CVE-2023-4759 refer [Ticket]
CVE-2024-1597 refer [Ticket]
CVE-2023-34055 refer [Ticket]
CVE-2023-34042 refer [Ticket]
CVE-2022-45047 refer [Ticket]
CVE-2023-48795 refer [Ticket]
CVE-2023-35887 refer [Ticket]
Expand All @@ -16,7 +15,6 @@
<cve>CVE-2023-4759</cve>
<cve>CVE-2024-1597</cve>
<cve>CVE-2023-34055</cve>
<cve>CVE-2023-34042</cve>
<cve>CVE-2022-45047</cve>
<cve>CVE-2023-48795</cve>
<cve>CVE-2023-35887</cve>
Expand Down

0 comments on commit caa6abe

Please sign in to comment.