Merge pull request #1871 from lift/logback-vulnerability

Bumping logback version to 1.2.3 for a security vulnerability fix

project/Dependencies.scala

@@ -57,7 +57,7 @@ object Dependencies {
 
   // Provided scope:
   // Scope provided by container, available only in compile and test classpath, non-transitive by default.
-  lazy val logback         = "ch.qos.logback"    % "logback-classic"       % "1.1.5"      % "provided"
+  lazy val logback         = "ch.qos.logback"    % "logback-classic"       % "1.2.3"      % "provided"
   lazy val log4j           = "log4j"             % "log4j"                 % "1.2.17"     % "provided"
   lazy val slf4j_log4j12   = "org.slf4j"         % "slf4j-log4j12"         % slf4jVersion % "provided"
   lazy val persistence_api = "javax.persistence" % "persistence-api"       % "1.0.2"      % "provided"