[MS-44047] remediate tomcat vulnerability

• update spring-boot version to 3.3.1 to remediate tomcat vulnerability.
• update core-lib-azure-spring6 to 0.27.0-rc3 .

mvn dependency:tree before changes:

[INFO] |  +- org.springframework.boot:spring-boot-starter-json:jar:3.2.2:compile
[INFO] |  \- org.springframework.boot:spring-boot-starter-tomcat:jar:3.2.2:compile
[INFO] |     +- org.apache.tomcat.embed:tomcat-embed-core:jar:10.1.18:compile
[INFO] |     \- org.apache.tomcat.embed:tomcat-embed-websocket:jar:10.1.18:compile

mvn dependency:tree after changes:

[INFO] |  +- org.springframework.boot:spring-boot-starter-json:jar:3.3.1:compile
[INFO] |  \- org.springframework.boot:spring-boot-starter-tomcat:jar:3.3.1:compile
[INFO] |     +- org.apache.tomcat.embed:tomcat-embed-core:jar:10.1.25:compile
[INFO] |     \- org.apache.tomcat.embed:tomcat-embed-websocket:jar:10.1.25:compile

assigned to @vidya

added 1 commit

• b37048b1 - update notice

Compare with previous version

marked this merge request as ready

changed the description

changed milestone to %M24 - Release 0.27

added Azure Common Code MRDependencies Upgrade Vulnerability Management labels

requested review from @thulasi_dass

added 2 commits

• d54d4e75 - update spring version
• 90a10657 - Merge branch 'az/vl-fix-tomcat-vul' of...

Compare with previous version

added 1 commit

• 2e7af490 - update azure pom

Compare with previous version

approved this merge request

requested review from @chad

approved this merge request

Hello Team,

Merging vulnerability fix MR with passing pipelines as per policy.

Thanks.

cc: @chad @lucynliu @danielscholl

mentioned in commit b4e948b6

merged

changed title from [MS-43510] remediate tomcat vulnerability to [MS-44047] remediate tomcat vulnerability