CVE-2023-2976 - Migrate to a newer Guava

[Kellindil]

Capella 7.0.1 depends on Guava 21.0.0 and Guava 30.1.0

CVE-2023-2976 impacts both versions and is fixed in Guava 32.0.1.

Mylyn is what is pulling the very old Guava 21 I believe, so it should either be updated or removed altogether if possible.

[pdulth]

FYI mylyn no longer use guava.
https://github.com/eclipse-mylyn/org.eclipse.mylyn/releases/tag/R_4_8_0

[Kellindil]

Hello,

I believe it would be better to remove Mylyn altogether from the Capella product.

Interested users would still be able to install it separately, but removing it from the product would simplify maintenance and reduce the security risks (as mylyn introduces its own set of dependencies, that would need to be monitored for CVEs and may warrant patches/rebuilds).