Upgrade Spring Boot version to address many security vulnerabilities (#52)

Fixes #28 ([CVE-2024-38809](https://spring.io/security/cve-2024-38809)), #29 ([CVE-2024-38816](https://spring.io/security/cve-2024-38816)), and #46 ([CVE-2024-38820](https://spring.io/security/cve-2024-38820)) Chose to stay on the 3.2 Spring Boot train despite 3.4 being out. Waiting for a more conscious to do the upgrade in case there are other changes required. Luckily none of the preconditions of the vulnerabilities were true for SciPro so they could not be exploited. Reviewed-on: #52 Reviewed-by: Tom Zhao <tom.zhao@dsv.su.se> Co-authored-by: Andreas Svanberg <andreass@dsv.su.se> Co-committed-by: Andreas Svanberg <andreass@dsv.su.se>
2024-12-03 10:55:28 +01:00 · 2024-12-03 10:55:28 +01:00 · 857f646678
commit 857f646678
parent 1554d4bc27
1 changed files with 1 additions and 1 deletions
--- a/pom.xml
+++ b/pom.xml
@ -101,7 +101,7 @@
            <dependency>
                <groupId>org.springframework.boot</groupId>
                <artifactId>spring-boot-dependencies</artifactId>
-                <version>3.2.5</version>
+                <version>3.2.12</version>
                <scope>import</scope>
                <type>pom</type>
            </dependency>