CCD-5490: Bumped libraries to 2.7.12 (#687)

* Bumped libraries to 2.7.12 * bump up version to latest * bump up version to latest --------- Co-authored-by: patelila <[email protected]> Co-authored-by: Ila Patel <[email protected]> Co-authored-by: mwallaceHMCTS <[email protected]>
hmcts · Jul 1, 2024 · e92d1e0 · e92d1e0
1 parent 92c1244
commit e92d1e0
Show file tree

Hide file tree

Showing 2 changed files with 3 additions and 5 deletions.
diff --git a/build.gradle b/build.gradle
@@ -5,7 +5,7 @@ plugins {
   id 'jacoco'
   id 'io.spring.dependency-management' version '1.0.13.RELEASE'
   id 'info.solidsoft.pitest' version '1.5.0'
-  id 'org.springframework.boot' version '2.7.12'
+  id 'org.springframework.boot' version '2.7.18'
   id 'uk.gov.hmcts.java' version '0.12.43'
   id 'com.github.ben-manes.versions' version '0.36.0'
   id 'org.sonarqube' version '4.2.0.3129'
@@ -283,8 +283,8 @@ dependencies {
   implementation group: 'org.springframework.security', name: 'spring-security-config'
   implementation group: 'org.springframework.security', name: 'spring-security-rsa', version: '1.1.1'
   implementation group: 'org.eclipse.jgit', name:  'org.eclipse.jgit', version: '6.6.1.202309021850-r';
-  implementation group: 'org.springframework.boot', name: 'spring-boot-starter-oauth2-client', version: '2.5.14'
-  implementation group: 'org.springframework.boot', name: 'spring-boot-starter-oauth2-resource-server', version: '2.5.14'
+  implementation group: 'org.springframework.boot', name: 'spring-boot-starter-oauth2-client', version: '2.7.18'
+  implementation group: 'org.springframework.boot', name: 'spring-boot-starter-oauth2-resource-server', version: '2.7.18'
 
   implementation group: 'io.jsonwebtoken', name: 'jjwt', version: '0.9.1'
   implementation group: 'io.github.openfeign', name: 'feign-httpclient', version: '11.0'

diff --git a/config/owasp/suppressions.xml b/config/owasp/suppressions.xml
@@ -7,7 +7,6 @@
         CVE-2023-1370 refer [Ticket]
         CVE-2023-6378 refer [Ticket]
         CVE-2023-34055 refer [Ticket]
-        CVE-2023-20873 refer [Ticket]
         CVE-2023-34036 refer [Ticket]
         CVE-2023-46589 refer [Ticket]</notes>
 <cve>CVE-2023-35116</cve>
@@ -16,7 +15,6 @@
 <cve>CVE-2023-1370</cve>
 <cve>CVE-2023-6378</cve>
 <cve>CVE-2023-34055</cve>
-<cve>CVE-2023-20873</cve>
 <cve>CVE-2023-34036</cve>
 <cve>CVE-2023-46589</cve>
 </suppress>