Merge pull request #678 from hmcts/CCD-4969-CVE-2023-34034

CCD-4969 : bumped spring-security.version to v5.7.10
hmcts · Feb 26, 2024 · 801ed9d · 801ed9d
2 parents 311c91a + 7c7241f
commit 801ed9d
Show file tree

Hide file tree

Showing 2 changed files with 3 additions and 3 deletions.
diff --git a/build.gradle b/build.gradle
@@ -42,8 +42,9 @@ pmd {
   sourceSets = []
 }
 
+
 ext['spring-framework.version'] = '5.3.27'
-ext['spring-security.version'] = '5.7.8'
+ext['spring-security.version'] = '5.7.10'
 ext['log4j2.version'] = '2.17.1'
 ext['jackson.version'] = '2.15.3'
 ext['snakeyaml.version'] = '2.0'

diff --git a/config/owasp/suppressions.xml b/config/owasp/suppressions.xml
@@ -3,7 +3,6 @@
 <notes>Temporary Suppression
       CVE-2022-45688 refer https://tools.hmcts.net/jira/browse/CCD-4373
       CVE-2023-34036 refer [Ticket]
-      CVE-2023-34034 refer [Ticket]
       CVE-2023-20873 refer [Ticket]
       CVE-2023-41080 refer [Ticket]
       CVE-2023-42794 refer [Ticket]
@@ -18,7 +17,6 @@
       CVE-2023-35116 refer [Ticket]</notes>
 <cve>CVE-2022-45688</cve>
 <cve>CVE-2023-34036</cve>
-<cve>CVE-2023-34034</cve>
 <cve>CVE-2023-20873</cve>
 <cve>CVE-2023-41080</cve>
 <cve>CVE-2023-42794</cve>
@@ -31,5 +29,6 @@
 <cve>CVE-2023-46589</cve>
 <cve>CVE-2023-6378</cve>
 <cve>CVE-2023-35116</cve>
+<cve>CVE-2023-34042</cve>
 </suppress>
 </suppressions>