|
16 | 16 | <java.version>21</java.version> |
17 | 17 | <project.build.sourceEncoding>UTF-8</project.build.sourceEncoding> |
18 | 18 |
|
19 | | - <logback.version> 1.5.18 </logback.version> |
| 19 | + <logback.version> 1.5.32 </logback.version> |
20 | 20 | <slf4j.version> 2.0.17 </slf4j.version> |
21 | 21 |
|
22 | | - <jetty.version> 12.0.20</jetty.version> |
| 22 | + <jetty.version>12.0.33</jetty.version> |
| 23 | + <spring.version>5.3.39</spring.version> |
23 | 24 |
|
24 | 25 | </properties> |
25 | 26 |
|
|
119 | 120 | <dependency> |
120 | 121 | <groupId>com.googlecode.jdbc-proc.jdbc-proc</groupId> |
121 | 122 | <artifactId>jdbc-proc-daofactory-ee8</artifactId> |
122 | | - <version>2.0-5</version> |
| 123 | + <version>2.0-6</version> |
123 | 124 | </dependency> |
124 | 125 |
|
125 | 126 | <dependency> |
|
183 | 184 | <dependency> |
184 | 185 | <groupId>com.payneteasy</groupId> |
185 | 186 | <artifactId>jetty-util</artifactId> |
186 | | - <version>2.0-1</version> |
| 187 | + <version>2.0-2</version> |
187 | 188 | </dependency> |
188 | 189 |
|
189 | 190 | <dependency> |
190 | 191 | <groupId>org.hibernate.validator</groupId> |
191 | 192 | <artifactId>hibernate-validator</artifactId> |
192 | | - <version>7.0.4.Final</version> |
| 193 | + <version>7.0.5.Final</version> |
193 | 194 | </dependency> |
194 | 195 |
|
195 | 196 | <dependency> |
|
204 | 205 | <version>2.0-1</version> |
205 | 206 | </dependency> |
206 | 207 |
|
| 208 | + <!-- Jetty overrides to fix CVE-2025-5115, CVE-2026-1605, CVE-2025-11143 --> |
| 209 | + <dependency> |
| 210 | + <groupId>org.eclipse.jetty</groupId> |
| 211 | + <artifactId>jetty-server</artifactId> |
| 212 | + <version>${jetty.version}</version> |
| 213 | + </dependency> |
| 214 | + <dependency> |
| 215 | + <groupId>org.eclipse.jetty</groupId> |
| 216 | + <artifactId>jetty-io</artifactId> |
| 217 | + <version>${jetty.version}</version> |
| 218 | + </dependency> |
| 219 | + <dependency> |
| 220 | + <groupId>org.eclipse.jetty</groupId> |
| 221 | + <artifactId>jetty-http</artifactId> |
| 222 | + <version>${jetty.version}</version> |
| 223 | + </dependency> |
| 224 | + <dependency> |
| 225 | + <groupId>org.eclipse.jetty</groupId> |
| 226 | + <artifactId>jetty-util</artifactId> |
| 227 | + <version>${jetty.version}</version> |
| 228 | + </dependency> |
| 229 | + <dependency> |
| 230 | + <groupId>org.eclipse.jetty</groupId> |
| 231 | + <artifactId>jetty-security</artifactId> |
| 232 | + <version>${jetty.version}</version> |
| 233 | + </dependency> |
| 234 | + <dependency> |
| 235 | + <groupId>org.eclipse.jetty</groupId> |
| 236 | + <artifactId>jetty-session</artifactId> |
| 237 | + <version>${jetty.version}</version> |
| 238 | + </dependency> |
| 239 | + <dependency> |
| 240 | + <groupId>org.eclipse.jetty.ee8</groupId> |
| 241 | + <artifactId>jetty-ee8-nested</artifactId> |
| 242 | + <version>${jetty.version}</version> |
| 243 | + </dependency> |
| 244 | + <dependency> |
| 245 | + <groupId>org.eclipse.jetty.ee8</groupId> |
| 246 | + <artifactId>jetty-ee8-servlet</artifactId> |
| 247 | + <version>${jetty.version}</version> |
| 248 | + </dependency> |
| 249 | + <dependency> |
| 250 | + <groupId>org.eclipse.jetty.ee8</groupId> |
| 251 | + <artifactId>jetty-ee8-security</artifactId> |
| 252 | + <version>${jetty.version}</version> |
| 253 | + </dependency> |
| 254 | + |
| 255 | + <!-- Spring overrides to fix CVEs in transitive dependency from jdbc-proc --> |
| 256 | + <dependency> |
| 257 | + <groupId>org.springframework</groupId> |
| 258 | + <artifactId>spring-core</artifactId> |
| 259 | + <version>${spring.version}</version> |
| 260 | + </dependency> |
| 261 | + <dependency> |
| 262 | + <groupId>org.springframework</groupId> |
| 263 | + <artifactId>spring-beans</artifactId> |
| 264 | + <version>${spring.version}</version> |
| 265 | + </dependency> |
| 266 | + <dependency> |
| 267 | + <groupId>org.springframework</groupId> |
| 268 | + <artifactId>spring-jdbc</artifactId> |
| 269 | + <version>${spring.version}</version> |
| 270 | + </dependency> |
| 271 | + <dependency> |
| 272 | + <groupId>org.springframework</groupId> |
| 273 | + <artifactId>spring-tx</artifactId> |
| 274 | + <version>${spring.version}</version> |
| 275 | + </dependency> |
| 276 | + <dependency> |
| 277 | + <groupId>org.springframework</groupId> |
| 278 | + <artifactId>spring-aop</artifactId> |
| 279 | + <version>${spring.version}</version> |
| 280 | + </dependency> |
| 281 | + <dependency> |
| 282 | + <groupId>org.springframework</groupId> |
| 283 | + <artifactId>spring-context</artifactId> |
| 284 | + <version>${spring.version}</version> |
| 285 | + </dependency> |
| 286 | + <dependency> |
| 287 | + <groupId>org.springframework</groupId> |
| 288 | + <artifactId>spring-expression</artifactId> |
| 289 | + <version>${spring.version}</version> |
| 290 | + </dependency> |
| 291 | + |
207 | 292 | </dependencies> |
208 | 293 | </dependencyManagement> |
209 | 294 |
|
|
0 commit comments