switch to spring-2.3.1 (#574)

* switch to spring-2.3.1 * remove CVE-2020-11996 mitigation is now resolved by upgrade to spring-2.3.1
corona-warn-app · Jul 1, 2020 · e7c71d5 · e7c71d5
1 parent a7f6fd7
commit e7c71d5
Show file tree

Hide file tree

Showing 2 changed files with 2 additions and 8 deletions.
diff --git a/common/persistence/pom.xml b/common/persistence/pom.xml
@@ -5,7 +5,7 @@
   <parent>
     <groupId>org.springframework.boot</groupId>
     <artifactId>spring-boot-starter-parent</artifactId>
-    <version>2.3.0.RELEASE</version>
+    <version>2.3.1.RELEASE</version>
     <relativePath></relativePath>
   </parent>
   <modelVersion>4.0.0</modelVersion>

diff --git a/services/pom.xml b/services/pom.xml
@@ -8,7 +8,7 @@
   <parent>
     <groupId>org.springframework.boot</groupId>
     <artifactId>spring-boot-starter-parent</artifactId>
-    <version>2.3.0.RELEASE</version>
+    <version>2.3.1.RELEASE</version>
     <relativePath></relativePath>
   </parent>
 
@@ -96,12 +96,6 @@
       <version>42.2.13</version>
       <scope>runtime</scope>
     </dependency>
-    <dependency>
-      <!-- https://nvd.nist.gov/vuln/detail/CVE-2020-11996 -->
-      <groupId>org.apache.tomcat.embed</groupId>
-      <artifactId>tomcat-embed-core</artifactId>
-      <version>9.0.36</version>
-    </dependency>
   </dependencies>
 
   <build>