Fixes #21169:

Normation · May 25, 2022 · f9f0f04 · f9f0f04
1 parent fa315b5
commit f9f0f04
Show file tree

Hide file tree

Showing 2 changed files with 11 additions and 3 deletions.
diff --git a/webapp/sources/dependency-check-suppression.xml b/webapp/sources/dependency-check-suppression.xml
@@ -45,9 +45,16 @@
 </suppress>
 <suppress>
    <notes><![CDATA[
-   file name: spring-core-5.2.20.jar
+   file name: postgresql-42.2.25.jar 
    ]]></notes>
-   <packageUrl regex="true">^pkg:maven/org\.springframework/spring\-.*@5.2.20.RELEASE$</packageUrl>
+   <packageUrl regex="true">^pkg:maven/org\.postgresql/postgresql@42.2.25$</packageUrl>
+   <cve>CVE-2022-26520</cve>
+</suppress>
+<suppress>
+   <notes><![CDATA[
+   file name: spring-core-5.2.22.jar
+   ]]></notes>
+   <packageUrl regex="true">^pkg:maven/org\.springframework/spring\-.*@5.2.22.RELEASE$</packageUrl>
    <cve>CVE-2016-1000027</cve>
 </suppress>
 <suppress>
@@ -57,6 +64,7 @@
    <packageUrl regex="true">^pkg:maven/org\.springframework\.security/spring\-security\-.*@5.3.10.RELEASE$</packageUrl>
    <cve>CVE-2016-1000027</cve>
    <cve>CVE-2022-22965</cve>
+   <cve>CVE-2022-22970</cve>
 </suppress>
 <suppress>
    <notes><![CDATA[

diff --git a/webapp/sources/pom.xml b/webapp/sources/pom.xml
@@ -367,7 +367,7 @@ limitations under the License.
     <commons-lang-version>2.6</commons-lang-version>
     <commons-codec-version>1.14</commons-codec-version>
     <commons-fileupload>1.4</commons-fileupload>
-    <spring-version>5.2.20.RELEASE</spring-version>
+    <spring-version>5.2.22.RELEASE</spring-version>
     <spring-security-version>5.3.10.RELEASE</spring-security-version>
     <jgit-version>5.8.0.202006091008-r</jgit-version>
     <cglib-version>3.3.0</cglib-version>