From fb3781e0c849fddb8709c547ebcc90b233c3f992 Mon Sep 17 00:00:00 2001
From: Thulasi Dass Subramanian <thulasi_dass_subramanian@epam.com>
Date: Wed, 22 May 2024 14:10:43 +0000
Subject: [PATCH] [#MS39330] fix: resolve high vulnerabilities [core & azure]

---
 NOTICE                           |  1 +
 provider/partition-azure/pom.xml | 16 +++++++++-------
 2 files changed, 10 insertions(+), 7 deletions(-)

diff --git a/NOTICE b/NOTICE
index 1530e360f..bbaf00c41 100644
--- a/NOTICE
+++ b/NOTICE
@@ -654,5 +654,6 @@ public-domain
 The following software have components provided under the terms of this license:
 
 - HdrHistogram (from http://hdrhistogram.github.io/HdrHistogram/)
+- JBoss Logging 3 (from http://www.jboss.org)
 - JSON in Java (from https://github.com/douglascrockford/JSON-java)
 - PostgreSQL JDBC Driver
diff --git a/provider/partition-azure/pom.xml b/provider/partition-azure/pom.xml
index 360f0e523..1092c7c26 100644
--- a/provider/partition-azure/pom.xml
+++ b/provider/partition-azure/pom.xml
@@ -16,7 +16,7 @@
   <properties>
     <osdu.corelibazure.version>0.26.0</osdu.corelibazure.version>
     <junit.version>4.13.2</junit.version>
-    <spring-webmvc.version>6.1.5</spring-webmvc.version>
+    <spring-framework-bom.version>6.1.6</spring-framework-bom.version>
     <reactor-core.version>3.6.4</reactor-core.version>
     <reactor-netty.version>1.1.17</reactor-netty.version>
     <nimbus-jose-jwt.version>9.30.2</nimbus-jose-jwt.version>
@@ -32,10 +32,17 @@
         <type>pom</type>
         <scope>import</scope>
       </dependency>
+      <dependency>
+        <groupId>org.springframework</groupId>
+        <artifactId>spring-framework-bom</artifactId>
+        <version>${spring-framework-bom.version}</version>
+        <type>pom</type>
+        <scope>import</scope>
+      </dependency>
       <dependency>
 	    <groupId>org.springframework.boot</groupId>
 	    <artifactId>spring-boot-dependencies</artifactId>
-	    <version>3.2.4</version>
+	    <version>3.2.5</version>
 	    <type>pom</type>
 	    <scope>import</scope>
 	  </dependency>
@@ -88,11 +95,6 @@
       <artifactId>core-lib-azure-spring6</artifactId>
       <version>${osdu.corelibazure.version}</version>
     </dependency>
-    <dependency>
-      <groupId>org.springframework</groupId>
-      <artifactId>spring-webmvc</artifactId>
-      <version>${spring-webmvc.version}</version>
-    </dependency>
     <dependency>
       <groupId>org.springframework.boot</groupId>
       <artifactId>spring-boot-starter-security</artifactId>
-- 
GitLab