Fix Spring vulneraibilities

NOTICE

@@ -347,6 +347,7 @@ The following software have components provided under the terms of this license:
 - Hamcrest (from http://hamcrest.org/JavaHamcrest/)
 - Hamcrest Core (from http://hamcrest.org/, http://hamcrest.org/JavaHamcrest/, https://repo1.maven.org/maven2/org/hamcrest/hamcrest-core)
 - JBoss Jakarta Annotations API (from <https://github.com/jboss/jboss-jakarta-annotations-api_spec>, https://github.com/jboss/jboss-jakarta-annotations-api_spec)
+- Jackson module: Afterburner (from http://wiki.fasterxml.com/JacksonHome, https://github.com/FasterXML/jackson-modules-base)
 - Jakarta Activation API (from https://github.com/eclipse-ee4j/jaf, https://github.com/jakartaee/jaf-api, https://repo1.maven.org/maven2/jakarta/activation/jakarta.activation-api)
 - Jakarta Annotations API (from https://projects.eclipse.org/projects/ee4j.ca)
 - Jakarta WebSocket - Server API (from https://projects.eclipse.org/projects/ee4j.websocket, https://repo1.maven.org/maven2/org/jboss/spec/javax/websocket/jboss-websocket-api_1.1_spec)
@@ -696,13 +697,6 @@ The following software have components provided under the terms of this license:
 
 - Netty/Codec (from https://repo1.maven.org/maven2/io/netty/netty-codec)
 
-========================================================================
-mit-old-style-no-advert
-========================================================================
-The following software have components provided under the terms of this license:
-
-- Brave (from https://repo1.maven.org/maven2/io/zipkin/brave/brave)
-
 ========================================================================
 public-domain
 ========================================================================

notification-core/pom.xml

@@ -17,9 +17,8 @@
 
 <project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
     <modelVersion>4.0.0</modelVersion>
-    <groupId>org.opengroup.osdu</groupId>
+
     <artifactId>notification-core</artifactId>
-    <version>0.25.0-SNAPSHOT</version>
     <name>notification-core</name>
     <description>Core module for the notification service</description>
     <packaging>jar</packaging>

pom.xml

@@ -25,7 +25,7 @@
 		<java.version>17</java.version>
 		<maven.compiler.target>${java.version}</maven.compiler.target>
 		<maven.compiler.source>${java.version}</maven.compiler.source>
-		<os-core-common.version>0.24.0</os-core-common.version>
+		<os-core-common.version>0.25.0-rc2</os-core-common.version>
 		<log4j2.version>2.17.1</log4j2.version>
 		<json-smart.version>2.4.7</json-smart.version>
 		<openapi.version>1.6.14</openapi.version>
@@ -53,7 +53,7 @@
 			<dependency>
 				<groupId>org.springframework.boot</groupId>
 				<artifactId>spring-boot-dependencies</artifactId>
-				<version>2.7.7</version>
+				<version>2.7.17</version>
 				<type>pom</type>
 				<scope>import</scope>
 			</dependency>

provider/notification-aws/pom.xml

@@ -17,9 +17,8 @@
 
 <project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
     <modelVersion>4.0.0</modelVersion>
-    <groupId>org.opengroup.osdu</groupId>
+
     <artifactId>notification-aws</artifactId>
-    <version>0.25.0-SNAPSHOT</version>
     <name>notification-aws</name>
     <description>AWS implementation for Notification service</description>
     <packaging>jar</packaging>
@@ -61,6 +60,11 @@
                 <groupId>org.springframework.data</groupId>
                 <artifactId>spring-data-mongodb</artifactId>
             </dependency>
+          	<dependency>
+		        <groupId>org.springframework.security</groupId>
+		        <artifactId>spring-security-core</artifactId>
+		        <version>5.8.2</version>
+		    </dependency>
         </dependencies>
     </dependencyManagement>
 
@@ -87,7 +91,6 @@
             <groupId>org.springframework.boot</groupId>
             <artifactId>spring-boot-starter-actuator</artifactId>
         </dependency>
-
         <dependency>
             <groupId>org.springframework</groupId>
             <artifactId>spring-webmvc</artifactId>

provider/notification-azure/pom.xml

@@ -18,7 +18,6 @@
 <project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
     <modelVersion>4.0.0</modelVersion>
     <artifactId>notification-azure</artifactId>
-    <version>0.25.0-SNAPSHOT</version>
     <name>notification-azure</name>
     <description>Azure implementation for Notification service</description>
     <packaging>jar</packaging>
@@ -40,7 +39,6 @@
     <reactor.netty.version>0.11.0.RELEASE</reactor.netty.version>
     <reactor.core.version>3.3.0.RELEASE</reactor.core.version>
     <osdu.corelibazure.version>0.25.0-rc1</osdu.corelibazure.version>
-    <osdu.oscorecommon.version>0.24.0</osdu.oscorecommon.version>
     <junit.version>5.6.0</junit.version>
     <jjwt.version>3.8.1</jjwt.version>
     <mockito.version>2.23.0</mockito.version>
@@ -60,6 +58,20 @@
     <dependencies>
       <!-- netty-bom dependency to be declared before spring-boot-dependencies,
       to pull all netty-transitive dependencies with same version -->
+      <dependency>
+        <groupId>org.springframework.security</groupId>
+        <artifactId>spring-security-bom</artifactId>
+        <version>5.7.11</version>
+        <type>pom</type>
+        <scope>import</scope>
+      </dependency>
+      <dependency>
+	    <groupId>org.springframework.boot</groupId>
+	    <artifactId>spring-boot-dependencies</artifactId>
+	    <version>2.7.17</version>
+	    <type>pom</type>
+	    <scope>import</scope>
+	  </dependency>
       <dependency>
         <groupId>io.netty</groupId>
         <artifactId>netty-bom</artifactId>
@@ -105,11 +117,6 @@
           <artifactId>log4j-jul</artifactId>
           <version>${log4j2.version}</version>
       </dependency>
-      <dependency>
-        <groupId>org.springframework.boot</groupId>
-        <artifactId>spring-boot-starter-webflux</artifactId>
-        <version>2.5.12</version>
-      </dependency>
       <dependency>
         <groupId>io.undertow</groupId>
         <artifactId>undertow-core</artifactId>
@@ -143,7 +150,7 @@
     <dependency>
       <groupId>org.opengroup.osdu</groupId>
       <artifactId>os-core-common</artifactId>
-      <version>${osdu.oscorecommon.version}</version>
+      <version>${os-core-common.version}</version>
     </dependency>
     <dependency>
       <groupId>org.opengroup.osdu</groupId>

provider/notification-gc/pom.xml

@@ -17,7 +17,6 @@
 <project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
     <modelVersion>4.0.0</modelVersion>
     <artifactId>notification-gc</artifactId>
-    <version>0.25.0-SNAPSHOT</version>
     <name>notification-gc</name>
     <description>Google Cloud implementation for Notification service</description>
     <packaging>jar</packaging>

provider/notification-ibm/pom.xml

@@ -14,9 +14,7 @@
 
 <project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
     <modelVersion>4.0.0</modelVersion>
-    <groupId>org.opengroup.osdu</groupId>
     <artifactId>notification-ibm</artifactId>
-    <version>0.25.0-SNAPSHOT</version>
     <name>notification-ibm</name>
     <description>IBM implementation for Notification service</description>
     <packaging>jar</packaging>
@@ -44,7 +42,7 @@
       <dependency>
         <groupId>org.springframework.boot</groupId>
         <artifactId>spring-boot-dependencies</artifactId>
-        <version>2.7.7</version>
+        <version>2.7.17</version>
         <type>pom</type>
         <scope>import</scope>
       </dependency>

testing/notification-test-aws/pom.xml

@@ -51,7 +51,6 @@
             <artifactId>notification-test-core</artifactId>
             <version>0.25.0-SNAPSHOT</version>
         </dependency>
-
         <dependency>
             <groupId>com.fasterxml.jackson.core</groupId>
             <artifactId>jackson-core</artifactId>

testing/notification-test-baremetal/pom.xml

@@ -46,7 +46,7 @@
         <dependency>
             <groupId>org.opengroup.osdu</groupId>
             <artifactId>os-core-common</artifactId>
-            <version>0.24.0</version>
+            <version>0.25.0-rc2</version>
         </dependency>
         <dependency>
             <groupId>org.projectlombok</groupId>

testing/notification-test-core/pom.xml

@@ -61,7 +61,7 @@
         <dependency>
             <groupId>org.opengroup.osdu</groupId>
             <artifactId>os-core-common</artifactId>
-            <version>0.24.0</version>
+            <version>0.25.0-rc2</version>
             <exclusions>
                 <exclusion>
                     <groupId>org.springframework.boot</groupId>

testing/notification-test-gc/pom.xml

@@ -46,7 +46,7 @@
         <dependency>
             <groupId>org.opengroup.osdu</groupId>
             <artifactId>os-core-common</artifactId>
-            <version>0.24.0</version>
+            <version>0.25.0-rc2</version>
         </dependency>
         <dependency>
             <groupId>org.projectlombok</groupId>

testing/notification-test-ibm/pom.xml

@@ -50,7 +50,7 @@
         <dependency>
             <groupId>org.opengroup.osdu</groupId>
             <artifactId>os-core-common</artifactId>
-            <version>0.24.0</version>
+            <version>0.25.0-rc2</version>
         </dependency>