From 434a9e73813cf0cedb9202fdab6586c6b5c0d8b1 Mon Sep 17 00:00:00 2001
From: Mahatma_Fatal_Error <MahatmaFatalError@users.noreply.github.com>
Date: Fri, 3 Jan 2025 15:22:37 +0100
Subject: [PATCH] bump logback to latest 1.5.15 to fix CVE-2024-12801 +
 CVE-2024-12798

fixes CVE-2024-12801 + CVE-2024-12798, see https://logback.qos.ch/news.html#1.5.13

see also https://logback.qos.ch/news.html#1.5.15
---
 spring-boot-project/spring-boot-dependencies/build.gradle | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/spring-boot-project/spring-boot-dependencies/build.gradle b/spring-boot-project/spring-boot-dependencies/build.gradle
index a77cee7c2c25..712ac0715840 100644
--- a/spring-boot-project/spring-boot-dependencies/build.gradle
+++ b/spring-boot-project/spring-boot-dependencies/build.gradle
@@ -1233,7 +1233,7 @@ bom {
 			releaseNotes("https://github.com/apache/logging-log4j2/releases/tag/rel%2F{version}")
 		}
 	}
-	library("Logback", "1.5.12") {
+	library("Logback", "1.5.15") {
 		group("ch.qos.logback") {
 			modules = [
 				"logback-classic",