fix: mvn-defaults/pom.xml & driver-cockroachdb/pom.xml to reduce vulnerabilities

The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JAVA-JUNIT-1017047 - https://snyk.io/vuln/SNYK-JAVA-ORGPOSTGRESQL-2390459
2024-11-25 02:00:38 -06:00 · 2022-03-07 23:38:47 +00:00 · 2022-03-07 23:38:47 +00:00 · 5c03d4dc2f
commit 5c03d4dc2f
parent d584bb3f25
2 changed files with 5 additions and 5 deletions
--- a/driver-cockroachdb/pom.xml
+++ b/driver-cockroachdb/pom.xml
@ -26,7 +26,7 @@
        <dependency>
            <groupId>org.postgresql</groupId>
            <artifactId>postgresql</artifactId>
-            <version>42.2.14</version>
+            <version>42.2.25</version>
        </dependency>
    </dependencies>

--- a/mvn-defaults/pom.xml
+++ b/mvn-defaults/pom.xml
@ -367,26 +367,26 @@
        <dependency>
            <groupId>org.apache.logging.log4j</groupId>
            <artifactId>log4j-api</artifactId>
-            <version>2.17.0</version>
+            <version>2.17.2</version>
        </dependency>

        <dependency>
            <groupId>org.apache.logging.log4j</groupId>
            <artifactId>log4j-core</artifactId>
-            <version>2.17.1</version>
+            <version>2.17.2</version>
        </dependency>

        <!-- binding for routing slf4j API calls to log4j -->
        <dependency>
            <groupId>org.apache.logging.log4j</groupId>
            <artifactId>log4j-slf4j-impl</artifactId>
-            <version>2.15.0</version>
+            <version>2.17.2</version>
        </dependency>

        <dependency>
            <groupId>org.apache.logging.log4j</groupId>
            <artifactId>log4j-jcl</artifactId>
-            <version>2.15.0</version>
+            <version>2.17.2</version>
        </dependency>

        <dependency>