Skip to content

Commit f52c947

Browse files
adamsaghygalovics
adamsaghy
authored and
galovics
committed
FINERACT-2326: Upgrade dependencies
1 parent 0dd34eb commit f52c947

File tree

1 file changed

+6
-2
lines changed

1 file changed

+6
-2
lines changed

buildSrc/src/main/groovy/org.apache.fineract.dependencies.gradle

Lines changed: 6 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -25,15 +25,13 @@ dependencyManagement {
2525
mavenBom 'com.squareup.okhttp3:okhttp-bom:4.12.0'
2626
mavenBom 'org.slf4j:slf4j-bom:2.0.17'
2727
mavenBom 'io.micrometer:micrometer-bom:1.13.6'
28-
mavenBom 'org.springframework:spring-framework-bom:6.2.10'
2928
mavenBom 'org.springframework.boot:spring-boot-dependencies:3.5.5'
3029
mavenBom 'io.awspring.cloud:spring-cloud-aws-dependencies:3.2.1'
3130
mavenBom 'io.opentelemetry:opentelemetry-bom:1.44.1'
3231
mavenBom 'org.jetbrains.kotlin:kotlin-bom:2.0.21'
3332
mavenBom 'org.junit:junit-bom:5.11.3'
3433
mavenBom 'com.fasterxml.jackson:jackson-bom:2.18.3'
3534
mavenBom 'io.cucumber:cucumber-bom:7.20.1'
36-
mavenBom 'io.netty:netty-bom:4.1.125.Final'
3735
mavenBom 'org.mockito:mockito-bom:5.14.2'
3836
mavenBom 'software.amazon.awssdk:bom:2.29.9'
3937
mavenBom 'io.github.resilience4j:resilience4j-bom:2.2.0'
@@ -275,5 +273,11 @@ dependencyManagement {
275273
dependency 'org.yakworks:spring-icu4j:0.4.2'
276274
dependency 'org.apache.commons:commons-lang3:3.18.0'
277275
dependency 'com.nimbusds:nimbus-jose-jwt:10.0.2'
276+
// Force Spring Framework version: https://spring.io/security/cve-2025-41249
277+
dependency 'org.springframework:spring-core:6.2.11'
278+
// Force Spring Framework version: https://spring.io/security/cve-2025-41248
279+
dependency 'org.springframework.security:spring-security-core:6.5.4'
280+
// Force netty-codec version: https://scout.docker.com/vulnerabilities/id/CVE-2025-58057
281+
dependency 'io.netty:netty-codec:4.1.125.Final'
278282
}
279283
}

0 commit comments

Comments
 (0)