From bf42b4c3000e0fdeb479fbdabe90560c5adc4363 Mon Sep 17 00:00:00 2001
From: snyk-bot <snyk-bot@snyk.io>
Date: Tue, 11 Dec 2018 22:34:50 +0000
Subject: [PATCH] fix: todolist-core/pom.xml & pom.xml to reduce
 vulnerabilities

The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-JAVA-COMMONSCOLLECTIONS-30078
- https://snyk.io/vuln/SNYK-JAVA-ORGSPRINGFRAMEWORK-31325
- https://snyk.io/vuln/snyk:lic:maven:commons-collections:commons-collections:Apache-2.0
- https://snyk.io/vuln/snyk:lic:maven:org.springframework:spring-aop:Apache-2.0
- https://snyk.io/vuln/snyk:lic:maven:org.springframework:spring-aspects:Apache-2.0
- https://snyk.io/vuln/snyk:lic:maven:org.springframework:spring-beans:Apache-2.0
- https://snyk.io/vuln/snyk:lic:maven:org.springframework:spring-context-support:Apache-2.0
- https://snyk.io/vuln/snyk:lic:maven:org.springframework:spring-context:Apache-2.0
- https://snyk.io/vuln/snyk:lic:maven:org.springframework:spring-core:Apache-2.0
- https://snyk.io/vuln/snyk:lic:maven:org.springframework:spring-expression:Apache-2.0
---
 pom.xml               | 2 +-
 todolist-core/pom.xml | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/pom.xml b/pom.xml
index fa14b3c1cb..9a7770738b 100644
--- a/pom.xml
+++ b/pom.xml
@@ -10,7 +10,7 @@
     <url>https://github.com/snyk/java-goof</url>
 
     <properties>
-        <spring.version>3.2.6.RELEASE</spring.version>
+        <spring.version>4.3.8.RELEASE</spring.version>
         <hibernate.version>4.3.7.Final</hibernate.version>
         <tapestry.version>5.3.8</tapestry.version>
         <struts2.version>2.3.20</struts2.version>
diff --git a/todolist-core/pom.xml b/todolist-core/pom.xml
index 705976a3e1..c4802b0fdc 100644
--- a/todolist-core/pom.xml
+++ b/todolist-core/pom.xml
@@ -87,7 +87,7 @@
         <dependency>
             <groupId>commons-collections</groupId>
             <artifactId>commons-collections</artifactId>
-            <version>3.2.1</version>
+            <version>20030418.083655</version>
         </dependency>
 
         <!-- test dependencies -->