Changed spring security version to resolve CVE (#682)

Co-authored-by: TomForniCGI <[email protected]>
hmcts · May 28, 2024 · 01a0a0e · 01a0a0e
1 parent 2212941
commit 01a0a0e
Show file tree

Hide file tree

Showing 2 changed files with 1 addition and 3 deletions.
diff --git a/build.gradle b/build.gradle
@@ -44,7 +44,7 @@ pmd {
 
 
 ext['spring-framework.version'] = '5.3.27'
-ext['spring-security.version'] = '5.7.10'
+ext['spring-security.version'] = '5.7.11'
 ext['log4j2.version'] = '2.17.1'
 ext['jackson.version'] = '2.15.3'
 ext['snakeyaml.version'] = '2.0'

diff --git a/config/owasp/suppressions.xml b/config/owasp/suppressions.xml
@@ -9,7 +9,6 @@
         CVE-2023-34055 refer [Ticket]
         CVE-2023-20873 refer [Ticket]
         CVE-2023-34036 refer [Ticket]
-        CVE-2023-34042 refer [Ticket]
         CVE-2023-46589 refer [Ticket]</notes>
 <cve>CVE-2023-35116</cve>
 <cve>CVE-2022-45688</cve>
@@ -19,7 +18,6 @@
 <cve>CVE-2023-34055</cve>
 <cve>CVE-2023-20873</cve>
 <cve>CVE-2023-34036</cve>
-<cve>CVE-2023-34042</cve>
 <cve>CVE-2023-46589</cve>
 </suppress>
 </suppressions>