From 1d7baa9110798c8359c370e86e6ccacafc5fabc0 Mon Sep 17 00:00:00 2001
From: Felix Dittrich <31076102+f11h@users.noreply.github.com>
Date: Mon, 26 Sep 2022 15:56:22 +0200
Subject: [PATCH] Update Dependencies (#207)
---
owasp/suppressions.xml | 5 ++++-
pom.xml | 22 +++++-----------------
2 files changed, 9 insertions(+), 18 deletions(-)
diff --git a/owasp/suppressions.xml b/owasp/suppressions.xml
index 5786d342..e6791d3d 100644
--- a/owasp/suppressions.xml
+++ b/owasp/suppressions.xml
@@ -19,7 +19,10 @@
Only affecting example code shipped with tomcat.
CVE-2022-34305
-
+
+
+ Bug is fixed with SnameYAML 1.32, but CVE Matcher is invalid
+ CVE-2022-38752
diff --git a/pom.xml b/pom.xml
index 3c4a02b1..54f04299 100644
--- a/pom.xml
+++ b/pom.xml
@@ -7,7 +7,7 @@
org.springframework.boot
spring-boot-starter-parent
- 2.7.3
+ 2.7.4
@@ -46,16 +46,15 @@
7.1.2
5.7.3
1.18.24
- 4.15.0
+ 4.16.1
1.6.11
1.5.2.Final
1.70
3.1.0
1.14.1
- 4.41.0
- 2021.0.3
+ 4.42.0
+ 2021.0.4
2.1.214
- 5.6.11.Final
1.3.1
3.4.2
@@ -178,17 +177,11 @@
org.yaml
snakeyaml
- 1.31
+ 1.32
org.springframework.boot
spring-boot-starter-data-jpa
-
-
- org.hibernate
- hibernate-core
-
-
org.springframework.boot
@@ -245,11 +238,6 @@
${h2.version}
runtime
-
- org.hibernate
- hibernate-core
- ${hibernate.version}
-
org.mapstruct
mapstruct