Updating Spring-security-web for Security Vulnerability

4bcfd1ba · Ayushi Srivastava · ad67f6d4 · 4bcfd1ba · 4bcfd1ba · 4bcfd1ba
Commit 4bcfd1ba authored 3 months ago by Ayushi Srivastava
--- a/pom.xml
+++ b/pom.xml
@@ -30,10 +30,11 @@
 		<json-smart.version>2.5.0</json-smart.version>
 		<openapi.version>2.6.0</openapi.version>
 		<spring-framework-version>6.1.13</spring-framework-version>
-		<spring-boot.version>3.3.4</spring-boot.version>
+		<spring-boot.version>3.3.5</spring-boot.version>
 		<netty.version>4.1.106.Final</netty.version>
 		<snakeyaml-version>2.0</snakeyaml-version>
 		<xnio-api.version>3.8.15.Final</xnio-api.version>
+		<spring.security.version>6.3.4</spring.security.version>
 	</properties>

 	<licenses>
@@ -48,6 +49,13 @@

 	<dependencyManagement>
 		<dependencies>
+			<dependency>
+                <groupId>org.springframework.security</groupId>
+                <artifactId>spring-security-bom</artifactId>
+                <version>${spring.security.version}</version>
+                <type>pom</type>
+                <scope>import</scope>
+            </dependency>
 			<dependency>
 				<groupId> org.apache.logging.log4j</groupId>
 				<artifactId>log4j-bom</artifactId>

--- a/provider/notification-ibm/pom.xml
+++ b/provider/notification-ibm/pom.xml
@@ -30,7 +30,7 @@
        <java.version>17</java.version>
        <maven.compiler.target>${java.version}</maven.compiler.target>
        <maven.compiler.source>${java.version}</maven.compiler.source>
-        <spring-boot-maven-plugin.version>3.2.5</spring-boot-maven-plugin.version>
+        <spring-boot-maven-plugin.version>3.3.5</spring-boot-maven-plugin.version>

    </properties>

@@ -39,7 +39,7 @@
      <dependency>
        <groupId>org.springframework.boot</groupId>
        <artifactId>spring-boot-dependencies</artifactId>
-        <version>3.2.5</version>
+        <version>3.3.5</version>
        <type>pom</type>
        <scope>import</scope>
      </dependency>

--- a/testing/notification-test-aws/build-aws/push-endpoint/pom.xml
+++ b/testing/notification-test-aws/build-aws/push-endpoint/pom.xml
@@ -28,7 +28,7 @@ limitations under the License.
    <parent>
        <groupId>org.springframework.boot</groupId>
        <artifactId>spring-boot-starter-parent</artifactId>
-        <version>3.1.4</version>
+        <version>3.3.5</version>
        <relativePath/>
    </parent>